1. Home
  2. Knowledge Base
  3. SSL Check: How to verify your SSL certificate

Website security is critical for the success of any internet business. One way to ensure the protection of your data and that of customers who visit your site against unauthorized access is through the use of an encrypted communication protocol. A secure socket layer (SSL) is the standard security protocol for establishing an encrypted connection between a server and a browser. This protocol ensures that all data transmitted between the browser and the webserver remains private and integral. SSL is an industry standard and is currently deployed by millions of web sites to protect the integrity of online transactions with their customers.

To create an SSL connection on a web server, there is a need for what is called an SSL certificate. When you choose to activate SSL on your website, you will be prompted to provide some information about the identity of your website.

SSL certificate checker

How to perform an SSL check

SSL ratings: what they stand for

Certificate chain incomplete warning


After installing an SSLA certificate on your web server, you should always run an SSL check to ascertain everything is well set up. SSL certificates require an installation of the primary and intermediate certificates. In situations where either or both of the certificates aren’t set up correctly, visitors to your websites could get a security warning in their browsers which could ward off any subsequent visit. In certain situations, depending on your browser version, you as the site admin may be oblivious of this warning. That is why it is recommended as a best practice to run an SSL check using a third-party tool.


After successfully installing an SSL, it is good practice to confirm the correct functionality of the installed system. At this time, you will want to check on your domain SSL to verify expiry dates, any covered subdomains or other information. There are a variety of free SSL certificate checking tools on the internet. For this illustration, the free SSL check tool from Qualys SSL labs would be used.

To begin, after opening the SSL check tool, input your domain name in the field provided for hostname and click on submit. An option is available to select to hide the public display of results, click this if you prefer. After submitting, it would take a few moments to scan your site’s SSL/TLS configuration.


The Qualys SSL labs assign users SSL server ratings that could range from an A to an F. An A score shows excellent performance. This means you have both your SSL intermediate certificate and SSL certificate correctly setup on your web server; you should aim for an A. A warning notice usually will follow with a detailed explanation if your SSL is not set up correctly. In the warning explanation for errors, a list of possible fixes for such errors is usually provided. This can be found further below the summary page.




The “certificate chain incomplete” warning is frequently reported during any SSL check. It occurs as a result of the non-addition of one of the required keys during the SSL installation. Usually, when you install an SSL on a web server, it requires that your private key, certificate key, and chain. If only one of the key is inputted say certificate key, there will be an error prompt with the warning ‘This certificate chain is incomplete”. Hence, the grade attained will be capped to B. Blow the summary page, the detailed report will prompt to having a chain issue.

To fix this error, you need to include your intermediate certificate as well. These certificates are usually provided by the SSL providers on purchase/signup and are generally in the form of a .crt file and a .ca-bundle file. You can do this by simply pasting the contents of your .crt file in the certificate session with the contents of the .ca-bundle file just below it. A free tool is available for use if you don’t have or know their intermediate certificate. Visit “https://whatsmychaincert.com” to access this tool.



Was this article helpful?

Leave a Reply

Your email address will not be published.