The process to see the SSL TLS digital certificate of the different websites is exactly the same if the certificate is self-signed, if it is an expired or revoked digital certificate, and also if it is a certificate that is currently valid and has no problem.
A very important detail is that, when we access a website with HTTPS, it will almost always use a digital certificate that is valid, issued by a CA (Trusted Certification Authority) and that has not been revoked or expired, so We will get any type of warning indicating that the website is not secure. In the event that a warning appears indicating that the site is not secure, we will be able to examine the digital certificate to see what is happening. In our case, we have found on many occasions that a website is legitimate, but they have forgotten to renew the SSL/TLS certificate, so it automatically stops being a secure site in the eyes of the web browser, to an insecure site because the digital certificate has expired.
View the certificate through the address bar
If we get into any website with the HTTPS protocol, we can see a “lock” just to the left of the web domain we have entered. If we have a closed padlock it means that the digital certificate is correct and is valid, of course, the certificate has not been revoked. However, if a “Not secure” message appears, it is possible that we are dealing with a self-signed certificate, a certificate that has been revoked or has expired, so in these cases we should be careful. It is possible that they are making a Man in the Middle attack on our connection, and a cybercriminal is between our connection and the web, with the aim of stealing our information.
In the following screenshot you can see that access to our website indicates that it is “secure”, and that is that the certificate used is valid and has not been revoked. It will also give us direct access to the cookies of the different websites and we will even have a direct access to the “Site configuration” menu.
If we click on the first option “The connection is secure” a new menu will open that will tell us that the connection is secure, it also warns us that all information such as passwords, credit card numbers and other information is private when it is sent to the website that we have entered, in addition, it also tells us that the «Certificate is valid«. If we click on this last option “The certificate is valid” it will take us directly to a new menu where we can see all the details of the digital certificate.
In the drop-down menu it will give us all the information about the digital certificate. For example, the certificate of our websites is issued by the popular Let’s Encrypt Certification Authority, it tells us that it has been issued by R3 and that this certificate is valid from January 24, 2022 to April 24, 2022, that is , the usual 3 months that this CA provides us at most.
If we click on the “Details” section we can see the version of the certificate, V3, which is the usual one, it will also indicate the signature algorithm that is sha256RSA and it will even indicate more advanced information about this SSL TLS digital certificate. In this menu we will be able to see the length of the public key of the digital certificate, data of the different DNS names (if the verification has been carried out at the DNS level) and we will also be able to see the fingerprint among other characteristics.
Finally, in the “Certification path” tab we can see the entire CA tree that we have up to our digital certificate, and it will also indicate the status of the certificate, in our case it is a valid certificate.
Once we have already seen how to see all the data of the digital certificate through the “padlock” menu, we are going to see it now through the “Developer options” of Google Chrome.
View it through “Developer Options”
When we are inside the web we can press the CTRL + SHIFT + I keys to open the Chrome developer menu. In this menu we will have to go to the “Security” tab where we can see the data of the HTTPS connection that has been established. In this menu we can see that the digital certificate is valid and trusted thanks to the Let’s Encrypt CA. We can also see that the connection is secure, since it uses the TLS 1.3 protocol with AES-256-GCM as a symmetric encryption algorithm, that is, we have the best possible security at the TLS level, since this latest version is much more efficient than TLS 1.2. Finally, it informs us that all web resources are also encrypted.
If we want to see the digital certificate, we simply have to click on the “View certificate” button, and a window will automatically be displayed with the same information as before.
As you have learned, viewing the SSL TLS certificate of a certain web page in Google Chrome is really simple, and can be done through the typical “lock” menu, or directly through the developer console. Our favorite way is to use the developer console, because it will also tell us if the connection has been established using TLS 1.2 or TLS 1.3, in addition, it will tell us about the cipher suite that has been chosen to establish the secure connection with the web page.