SSL Certificate Expiry Calculator

Calculate SSL/TLS certificate expiry date, renewal date, and days remaining — with Let's Encrypt auto-renewal schedule

An SSL certificate expiry calculator helps you plan renewal schedules and avoid unexpected certificate outages. Enter your certificate's issue date and validity period to instantly see the expiry date, renewal deadline, and days remaining — including a full Let's Encrypt auto-renewal schedule.

Add Renewal Reminder

Set a calendar reminder on your renewal date to avoid expiry. For manual renewals, add a second reminder 1–2 weeks before the expiry date as a backup.

How to Use the SSL Certificate Expiry Calculator

An expired SSL certificate is one of the most preventable infrastructure outages. Browsers immediately block access to sites with expired certificates, and the warning page is alarming to visitors. This SSL certificate expiry calculator helps you plan your renewal schedule so you never get caught off guard — whether you are using Let's Encrypt, a commercial CA, or a self-signed certificate.

Step 1: Find Your Certificate's Issue Date

Click the padlock icon in your browser when visiting your site to find your current SSL certificate's issue date. Alternatively, run openssl s_client -connect yourdomain.com:443 </dev/null 2>/dev/null | openssl x509 -noout -dates in your terminal (the </dev/null redirect makes s_client exit after the handshake instead of waiting for input). The "notBefore" date is your issue date. Enter it in the calculator's Issue Date field.

Step 2: Select Your Validity Period

Choose your certificate's validity period using the preset buttons. Let's Encrypt certificates are valid for exactly 90 days. Most commercial SSL certificates from providers like DigiCert, Sectigo, and GlobalSign are issued for 1 year (365 days). The maximum allowed validity is 397 days per industry rules enforced since September 2020. If you have a custom period, click "Custom" and enter the exact number of days.

Step 3: Set Your Renewal Buffer

The renewal buffer is how many days before expiry you want to be reminded to renew. The standard for Let's Encrypt with Certbot is 30 days — Certbot attempts renewal when fewer than 30 days remain. For manually renewed certificates, a 60–90 day buffer gives you enough time to coordinate with your CA, test the new certificate, and deploy it without rushing.

Step 4: Review Your Certificate Timeline

The calculator shows your issue date, renewal date, and expiry date in a visual timeline. The status banner at the top shows whether your certificate is currently valid, expiring soon, or expired. The percentage bar shows how much of your certificate's life has been used. Days remaining until renewal and expiry are shown separately.

Step 5: Use the Let's Encrypt Schedule and Calendar Reminder

If you are using Let's Encrypt's 90-day certificates, the calculator shows your full auto-renewal schedule for the next several years — the dates when Certbot will attempt renewal. For any certificate type, download the .ics calendar file to add a renewal reminder directly to your calendar app. This is especially useful for manually renewed certificates where there is no automation to rely on.
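The steps above can also be scripted. The following is an added example, not the calculator's own code: it parses the notBefore/notAfter lines printed by the openssl command from Step 1 and derives the same timeline fields and renewal schedule. The function names and the sample output are constructed for illustration, and the schedule assumes every renewal succeeds on its renewal date.

```javascript
// Added example; all function names are illustrative, not the calculator's own code.
const DAY_MS = 24 * 60 * 60 * 1000;
const MONTHS = ['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'];

// Parse the notBefore=/notAfter= lines printed by `openssl x509 -noout -dates`.
// Fields are read explicitly and built with Date.UTC so the local time zone
// and DST never shift the result.
function parseOpensslDates(text) {
  const re = /^(notBefore|notAfter)=(\w{3})\s+(\d{1,2}) (\d\d):(\d\d):(\d\d) (\d{4}) GMT/gm;
  const out = {};
  for (const [, key, mon, d, h, mi, s, y] of text.matchAll(re)) {
    const m = MONTHS.indexOf(mon);
    if (m < 0) throw new Error(`unrecognised month: ${mon}`);
    out[key] = new Date(Date.UTC(+y, m, +d, +h, +mi, +s));
  }
  if (!out.notBefore || !out.notAfter) throw new Error('notBefore/notAfter not found');
  return out;
}

const isoDay = (date) => date.toISOString().slice(0, 10);

// Timeline fields the calculator reports, for a given "now" and renewal buffer.
function certTimeline({ notBefore, notAfter }, bufferDays, now) {
  const validityDays = Math.round((notAfter - notBefore) / DAY_MS);
  const renewal = new Date(notAfter.getTime() - bufferDays * DAY_MS);
  const daysUsed = Math.min(validityDays, Math.max(0, Math.floor((now - notBefore) / DAY_MS)));
  let status = 'valid';
  if (now >= notAfter) status = 'expired';
  else if (now >= renewal) status = 'expiring soon';
  return {
    validityDays, daysUsed, status,
    renewalDate: isoDay(renewal), expiryDate: isoDay(notAfter),
    daysToExpiry: Math.floor((notAfter - now) / DAY_MS),
    pctUsed: Math.round((daysUsed / validityDays) * 1000) / 10,
  };
}

// Next renewal dates, assuming every renewal succeeds on its renewal date and
// the replacement certificate is issued that same day with the same validity.
function renewalSchedule(issueDate, validityDays, bufferDays, count) {
  const step = (validityDays - bufferDays) * DAY_MS;
  return Array.from({ length: count }, (_, i) => isoDay(new Date(issueDate.getTime() + (i + 1) * step)));
}

// Constructed sample output (not from a real certificate).
const SAMPLE = 'notBefore=Jan  1 00:00:00 2025 GMT\nnotAfter=Apr  1 00:00:00 2025 GMT\n';
const dates = parseOpensslDates(SAMPLE);
console.log(certTimeline(dates, 30, new Date(Date.UTC(2025, 2, 10))));
console.log(renewalSchedule(dates.notBefore, 90, 30, 3));
```

Real certificates often have a notAfter one second short of a whole number of days, which is why the validity is rounded rather than floored.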

Frequently Asked Questions

Is this SSL certificate expiry calculator free?

Yes, completely free with no limits. All calculations are done in your browser using JavaScript — no data is sent to a server, no account required, and your domain or certificate information is never stored.

Is my certificate information safe?

Yes. This tool only asks for the issue date, validity period, and renewal buffer — it does not ask for your actual certificate file, private key, or domain name. All calculations happen locally in your browser and nothing is transmitted anywhere.

How long are Let's Encrypt SSL certificates valid?

Let's Encrypt certificates are valid for 90 days. This short validity period encourages automation and reduces risk from compromised certificates. Let's Encrypt recommends renewing at 60 days (30 days before expiry), which is why most ACME clients like Certbot attempt renewal when fewer than 30 days remain.

Why is the standard SSL certificate validity period now 1 year?

As of September 2020, SSL/TLS certificate authorities can no longer issue certificates with a validity period longer than 397 days (approximately 13 months). Apple, Google, and Mozilla enforced this to reduce risk from outdated certificates and to encourage more frequent key rotation. Previously, certificates could be issued for up to 2 years.

What renewal buffer should I use?

For Let's Encrypt (90-day certs), a 30-day renewal buffer is standard — Certbot's default. For 1-year certificates, 30–60 days gives you time to renew before the certificate expires. For 2-year certificates, a 60–90 day buffer is recommended so you have time to coordinate with your CA and avoid service disruption. This calculator shows your renewal date with whichever buffer you select.

What is the Let's Encrypt auto-renewal schedule?

Certbot and other ACME clients typically run a renewal check twice daily via a cron job or systemd timer. They attempt renewal when fewer than 30 days remain on the certificate (with the standard 90-day validity, that means at day 60). If renewal fails, Certbot retries with exponential backoff. This calculator shows your next several renewal dates if you are using 90-day certificates with auto-renewal.

What happens if an SSL certificate expires?

When an SSL certificate expires, visitors to your site will see a browser security warning saying the connection is not secure. Most modern browsers block access entirely with an error page. This causes immediate loss of traffic, trust, and conversions. Search engines may also de-rank sites with expired certificates. That is why renewal reminders and automation are critical.

How do I check when my current SSL certificate expires?

Click the padlock icon in your browser's address bar when visiting your site, then click 'Certificate' or 'Connection is secure' to view certificate details including the expiry date. Alternatively, use a command line tool: openssl s_client -connect yourdomain.com:443 </dev/null 2>/dev/null | openssl x509 -noout -dates (the </dev/null redirect makes s_client exit after the handshake instead of waiting for input). Once you know the issue date and validity period, enter them in this calculator for renewal planning.