How to See HTTPS Details in Google Chrome

Chrome security panel


Chrome Security Panel


Chrome security panel displays security information about a current connection.

This information includes details on security level, SSL certificate details, mixed content, protocol, key exchange, cipher and more. It basically tells you just about anything you want to know about the connection from a security standpoint.


How to use the Security Panel

The security panel is part of chrome developers tools which is accessed when you right click on the page and choose “Inspect”.

right click to inspect

After you click inspect, a window will appear with several options (this is called Chrome Devtools). Click on the security tab as shown below:

devtools home

Once you click “security” you will see the security panel:

security panel


Useful information found in the panel for webmasters


You don’t need to be a security expert to get some interesting knowledge from this panel, but at the same time, you can really dig as deep as you want.

Let’s overview the details we can get:

Security level of a page

The overall security of the page is reported prominently.

security level

Certificate issuer

This detail tells us who issued the certificate (in this case it was Let’s Encrypt).

certificate issuer

Certificate Details

Clicking the “View certificate” button will bring up a new window that has details about the certificate itself. This is where you would look for expiration dates, certificate details such as keys/policies and the certificate path.

certificate details

Protocol, Key Exchange, and Cipher – Connection details

The security panel identifies and scores the protocol, key exchange and the cipher used to create the connection.

connection details

In the above case the details are:

Protocol used is TLS 1.2 (identified as strong)
Key exchange used is ECDHE_RSA with P-256 (identified as strong)
Cipher used is AES_128_GCM (identified as strong)

Mixed Content – Resource details

Page resources are reported upon. All is good if they are loading from secure sources. If they are not this is called mixed content and will lower the security of the page. The security panel will report the amount of mixed resources and will show you the resources that are being served from HTTP (rather than HTTPS).

resource details


See more of our HTTPS articles