Certificate Validity
Also known as TLS certificate expiry · SSL validity
The site's TLS certificate is valid, trusted, and not close to its expiry date.
What it is
A TLS (often called SSL) certificate proves the site's identity and encrypts traffic over HTTPS. This check confirms the certificate is currently valid, issued for the right hostnames, trusted by browsers, and comfortably ahead of its expiry date.
Why it matters
An expired or invalid certificate triggers full-page browser security warnings that block access and destroy trust instantly. Sustained HTTPS is also a baseline ranking and security expectation; outages can interrupt crawling and AI fetches.
How to verify
Open the padlock in the browser to inspect issuer and validity dates, or run openssl s_client or an SSL checker such as SSL Labs. Confirm the hostname matches, the chain is complete, and expiry is weeks away, then set an alert ahead of renewal.
How to fix
Enable automated renewal (for example Let's Encrypt via ACME or your host's managed certificate) and verify it succeeds well before expiry. Fix any chain, hostname, or mixed-content issues, and add monitoring that alerts on upcoming expiry.
Related terms
- HTTPS with HSTSServing every page over HTTPS encrypts traffic, and the HSTS response header forces browsers to use HTTPS for all future requests to the domain.
- Email Authentication (SPF / DKIM / DMARC)DNS records that authenticate your outbound email so mailbox providers can verify it is genuinely from your domain.
- Page performanceHow quickly and smoothly a page loads and becomes interactive, commonly measured by server response time, HTML weight, and Core Web Vitals.
- Staging Blocks RemovedConfirming the production site has no leftover site-wide robots Disallow or global noindex carried over from staging.
Official references
External, opens in a new tab.
Put this into practice.
Work through every check by hand and turn it into a shareable GEO Score report — or scan your site automatically in seconds.