SSL / TLS Leaf, Intermediate and Root CA Certificate Auditing & Validation
2.0.1 December 2021
For 64-bit / Win64 / x64 / ARM64EC Microsoft Windows Operating Systems
US$24.95 / license
Certify One is a subscription-based product. The subscription is $US24.95 per year per server or workstation.
What is certificate auditing? Why do I need it?!
Secure Sockets Layer (SSL), is an encryption-based Internet security protocol. SSL was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication, and data integrity in Internet communications. Transport Layer Security (TLS), the successor of SSL is a cryptographic protocol designed to provide communications security over a computer network.
Web browsers have become much stricter in regard to handling TLS certificates. For example, all major browsers will warn or even block access to sites where the TLS certificate is expired, self-signed, or revoked. Similarly, access may be blocked if the certificate chain of trust (e.g. intermediate or root CA certificates) is incorrect, incomplete, expired or revoked. Hence, it's important to be able to test and audit the validity of certificates, certificate chains to avoid critical outages, system downtime, revenue loss, loss of reputation and information compromise.
Certificates and certificate chains are considered “critical infrastructure” and are intrinsic to the successful functioning of digital communications and the Internet as a whole.
HTTP vs HTTPS
How can Certify One help?
Certify One is a cybersecurity assessment software tool designed to assist you in testing, verifying and auditing the robustness and validity of certificates used in encrypted digital communication across your organisation to ensure confidentiality, data integrity, and end-point authentication. Certify One allows you to test digital certificates deployed on IoT devices, e-commerce solutions, websites, industrial automation platforms and so forth.
Sitting behind the corporate firewall, Certify One monitors, tests, collates and reports on certificate and certificate chain validity and assist in the lifecycle management of certificates, averting the negative consequences of certificate invalidity and minimise certificate “sprawl”.
It integrates directly with enterprise Private Key Infrastructure (PKI) such as Microsoft Certificate Services and other public certification entities. Designed to test cryptographic integrity in use on corporate networks and report on discovered weaknesses and vulnerabilities to allow employees responsible for certificate management to focus on certificate validity.
How does licensing work?
Certify One is a subscription-based product. The cost of the subscription is $US95 per year. You can grab a subscription for 70% off for the first year for a limited time. Please follow this link to purchase your subscription. Certify One is available for a 7-day trial. Please see the Change Log.
Using Certify One
Once you have downloaded the installer, double-click the installer and follow the installation instructions.
Populate the list of Scan Targets. Then click the "Scan All" button. You can also Schedule scans. If you double click on any host you will be provided detailed scan information. You can test Certify One with valid, expired, and revoked certificates via ssl.com or badssl.com.
You can also query DNS CAA records via the command line! For example:
Helping you avoid
Reputation & Revenue Loss
Making certificate management
easy and cost effective
How is Certify One different?
Our aim is to lower the barrier to entry from an analysis and reporting perspective and cost standpoint.
Certify One intends to significantly lower the cost of compliance, be easy to deploy, facilitate testing of private networks, and test certificates associated with multiple protocols that utilise encryption plus confirm the strength of the encrypted information exchange.
Designed to run behind the corporate firewall and integrate directly with enterprise Private Key Infrastructure (PKI) such as Microsoft Certificate Services and other public certification entities. We test cryptographic integrity in use on corporate networks and report on discovered weaknesses and vulnerabilities to allow employees responsible for certificate management to focus on certificate validity.
Features - Coming Soon!
Certify One SSL/TLS checker will provide information about your certificate, including:
Trust worthiness (including which Web browsers trust it)
Secure re-negotiation support
If it uses a vulnerable Debian key
SSL / TLS Checker
Frequently Asked Questions
What is SSL / TLS?
How does SSL/TLS work?
Why is SSL/TLS important?
Are SSL and TLS the same thing?
What is an SSL certificate?
What are the types of SSL certificates?
How can a business obtain an SSL certificate?
Why do I need a SSL / TLS Checker - what happens if I dont have one or let my SSL/TLS expire?