CertLens Documentation

CertLens is a certificate intelligence tool designed to help engineers, security teams, and developers analyze digital certificates, keystores, and TLS endpoints quickly and safely.

Key Features

• Certificate chain reconstruction and validation
• Keystore inspection (JKS / PKCS#12)
• TLS endpoint analysis for live websites
• Risk detection (expiry, weak algorithms, trust issues)
• Certificate inventory overview
• PDF report generation

Supported Certificate Formats

• PEM (.pem, .crt)
• Java Keystore (.jks)
• PKCS#12 (.p12 / .pfx)
• Certificates retrieved from TLS endpoints

Validate Certificates & Keystores

Upload one or more certificate files or keystores to analyze their certificate chains and metadata.

• Upload PEM, CRT, JKS, or PKCS#12 files
• CertLens reconstructs the certificate chain
• Displays certificate metadata and validity information
• Detects potential security risks

Analyze TLS Websites

Enter a website hostname to analyze the TLS certificate presented by the server.

• Retrieves server certificates
• Reconstructs the trust chain
• Checks expiration and trust status
• Highlights potential risks

Understanding Results

After analysis, CertLens displays:

• Certificate chain visualization
• Certificate metadata and validity period
• Detected security risks
• Certificate inventory table

Security & Privacy

CertLens processes uploaded files locally within the application environment. Uploaded certificates and keystores are not stored permanently.