mTLS Inspector

Inspect the client certificate your browser presents during mutual TLS authentication. The report checks clientAuth EKU, Digital Signature key usage, CA status, application chain trust, and RFC 5280 lint findings.

What Happens

Mutual TLS asks the browser for a client certificate during the TLS handshake. This inspector accepts certificates from any issuer at the nginx layer, then validates the received leaf certificate inside the Laravel application.

Use an existing client-auth certificate, or issue a test certificate from the MPCA Factory client authentication profile and import the generated PKCS#12 file into your browser or OS certificate store.

Browser Setup

  1. 1

    Install a certificate with EKU clientAuth and an accessible private key.

  2. 2

    Click Authenticate and select the certificate when the browser prompts.

  3. 3

    Review the TLS session diagnostic, profile checks, chain reconstruction, certificate fields, and lint output.

Authenticate Your browser will open a fresh connection to the mTLS hostname.

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action