SSL Checker

The SSL Checker skill audits SSL/TLS certificates and server configurations for any domain or IP address, providing detailed reports on certificate validity, expiration timelines, cipher suite strength, and trust chain completeness. It checks whether the certificate is issued by a trusted CA, covers all required subdomains (including wildcard matching), and is not present on certificate revocation lists. TLS protocol version support is tested — flagging deprecated SSLv3, TLS 1.0, and TLS 1.1 alongside the supported TLS 1.2 and 1.3 configurations. Cipher suite analysis identifies weak ciphers such as RC4 or DES and recommends replacements. The HSTS header and its max-age value are validated. Expiration monitoring can be configured to send alerts at 60, 30, 14, and 7 days before expiry via the Email Send or Slack skill. Bulk domain checking accepts a list of domains for efficient portfolio-wide auditing. The skill compares results against the Mozilla Observatory recommended configuration and provides a letter grade. Ideal for DevOps teams, security auditors, and site owners maintaining multiple domains.

Installation

clawhub install ssl-checker

Install: clawhub install ssl-checker