TLS / SSL guides
Practical how-to guides for decoding certificates and CSRs, verifying keys and building chains — each linked to the client-side tool that does it.
- How to decode an SSL certificate Read what's inside a PEM/DER SSL certificate — subject, SANs, issuer, validity and key — without uploading it anywhere. Step-by-step, in your browser or with OpenSSL.
- How to read a CSR (Certificate Signing Request) Verify what a CSR actually requests — subject, SANs, key type and size — before you send it to a CA. Decode it client-side or with OpenSSL.
- How to check a private key matches a certificate Confirm a private key and an SSL certificate are a pair before deploying — avoid the 'key values mismatch' error. Compare them client-side or with OpenSSL.
- How to build a certificate chain (fullchain.pem) Assemble leaf + intermediate(s) into a correct fullchain.pem and avoid NET::ERR_CERT_AUTHORITY_INVALID from a missing intermediate. Order matters.