Hey HN, I built this after years of dealing with SSL certificate surprises – expired certs on subdomains nobody knew existed, shadow IT spinning up certs, the usual 3am outages.

CertRadar has four free tools (no signup, no premium tier):

- CT Log Search – find every certificate ever issued for a domain via Certificate Transparency logs. Great for discovering forgotten subdomains.

- SSL Analyzer – cert chain, TLS versions, HSTS, expiration. Faster than SSL Labs.

- DNS + SSL Check – DNS records and SSL health in one view.

- Security Headers – HSTS, CSP, X-Frame-Options analysis with recommendations.

Built with Rust on GCP Cloud Run. Happy to talk about the architecture or any feedback on what would make these more useful.