Magic decoder rings!

We got you.

Useful things that run right here in your browser. No install, no account, no data leaving your machine.

Built for the person who got handed a .cer file and a deadline. Zero jargon, all answers.

Certificate Tools

100% Local — Nothing Leaves Your Browser

Certificate Inspector

Paste a PEM certificate (the -----BEGIN CERTIFICATE----- block) and get a plain-language breakdown. Expiry date, subject, issuer — the things you actually need to know.

Paste Certificate (PEM format)

Paste a certificate above and click Inspect.

Everything runs in your browser. Your certificate never leaves your device.

Uses crt.sh Public Database

Domain Certificate Lookup

Enter a domain name and see what certificates have been publicly logged for it — expiry dates, issuing CA, and common names. Useful for checking your own certs or investigating a domain.

Domain Name

Results will appear here.

Data comes from crt.sh, the public certificate transparency log search engine. Results reflect publicly issued TLS certificates only — internal / private CA certificates don't appear here.

Generators

100% Local — Cryptographically Random

Password & PFX PIN Generator

Generate secure passwords for PFX exports, certificate store backups, service accounts — whatever needs a strong random string. Uses your browser's cryptographic random number generator, not some math.random() nonsense.

Length: 16

864

Options Include symbols (!@#$%^&*)

—

100% Local

PEM ↔ Base64 Converter

Strip or add the -----BEGIN/END----- headers. Sometimes you need just the raw Base64, sometimes you need the full PEM. Here you go.

PEM or Base64 Input

All tools run entirely in your browser. No data is transmitted to any server. The certificate inspector, converter, and password generator work completely offline once the page loads. The domain lookup queries the public crt.sh database — only the domain name you type is sent.