Inspect the TLS posture of any hostname.

Enter a fully qualified hostname and Pentrova returns a deterministic view of the TLS certificate chain, supported protocols, cipher strength, and expiry risk. The check completes in seconds and nothing is stored on our servers.

How the check works

Certificate + expiry

We fetch the leaf certificate, verify the chain, read issuer + subject, and surface the days-to-expiry risk on a single line.
Protocols + ciphers

Advertised TLS versions and cipher strength are summarized with explicit callouts for anything below TLS 1.2 and for any weak-cipher matches.
No persistence

Submitted hostnames are never logged, cached, or shared. Results live only in the current browser session.

/* When JS is disabled the IntersectionObserver never runs, so the `opacity: 0` initial state of reveal elements would hide content permanently. Snap everything visible. */ .scroll-reveal, [data-reveal], .reveal-group > .reveal { opacity: 1 !important; transform: none !important; animation: none !important; } .section-rule { transform: scaleX(1) !important; }

Inspect the TLS posture of any hostname.

How the check works

Certificate + expiry

Protocols + ciphers

No persistence