SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
| Hostname: | close Doesn't match Common Name or/and SANs |
| Expired: | close Yes (expired 45 days ago) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | close The end-entity certificate is self-signed |
| Self-Signed: | close Yes, the end-entity certificate is self-signed |
| Chain Issues: | close The chain doesn't contain any intermediate certificates |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
DNS Information
| Resolves To: | 58.69.164.60 |
| Reverse IP lookup: | 58.69.164.60.pldt.net. |
| Nameserver: | ns74.domaincontrol.com. |
| Nameserver: | ns73.domaincontrol.com. |
General Information
| Common Name: | Kubernetes Ingress Controller Fake Certificate |
| SANs: | DNS:ingress.local Total number of SANs: 1 |
| Organization: | Acme Co |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 41b52bfd3cf51aab0fe432266d755210 |
| Not Before: | Oct 10, 2023 10:59:24 GMT |
| Not After: | Oct 09, 2024 10:59:24 GMT |
| Number of certs: | 1 |
| Revocation Status: | This check is not applicable to expired certificates |
| OCSP Stapling: | Not Supported |
| Server: | Not Provided |
| HSTS: | max-age=15724800; includeSubDomains |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: Kubernetes Ingress Controller Fake Certificate
Decode this certificate for verbose information → launch| Subject Common Name | Kubernetes Ingress Controller Fake Certificate |
| Subject Organization | Acme Co |
| Issuer Common Name | Kubernetes Ingress Controller Fake Certificate |
| Issuer Organization | Acme Co |
| Not Before: | Oct 10, 2023 10:59:24 GMT |
| Not After: | Oct 09, 2024 10:59:24 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 41b52bfd3cf51aab0fe432266d755210 |
| SHA1 Fingerprint: | 63:A6:6A:69:6F:56:52:9D:AF:4C:D2:B2:6D:04:A1:6B:55:AC:B9:6C |
| MD5 Fingerprint: | A5:14:BB:B7:64:54:7B:65:FB:DC:2A:26:3A:C5:52:FF |
OpenSSL Handshake
depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=18:self signed certificate verify return:1 depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=10:certificate has expired notAfter=Oct 9 10:59:24 2024 GMT verify return:1 depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate notAfter=Oct 9 10:59:24 2024 GMT verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate i:O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate -----BEGIN CERTIFICATE----- MIIDbzCCAlegAwIBAgIQQbUr/Tz1GqsP5DImbXVSEDANBgkqhkiG9w0BAQsFADBL MRAwDgYDVQQKEwdBY21lIENvMTcwNQYDVQQDEy5LdWJlcm5ldGVzIEluZ3Jlc3Mg Q29udHJvbGxlciBGYWtlIENlcnRpZmljYXRlMB4XDTIzMTAxMDEwNTkyNFoXDTI0 MTAwOTEwNTkyNFowSzEQMA4GA1UEChMHQWNtZSBDbzE3MDUGA1UEAxMuS3ViZXJu ZXRlcyBJbmdyZXNzIENvbnRyb2xsZXIgRmFrZSBDZXJ0aWZpY2F0ZTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn29aDfNpGubXeCbkdsLRY/sTkCgqBA fD2E3RfV+ERKFJ7NORg0+ld3o2ZR/dOG3Dfv4mkkF+41/F42nLa2Lz3gysjqDURe MjhAmbiWMYupXEA0IU1syM25HkjjN1ljJS5sYoqgI/xuUDe8oSL1kSomXzknR4Lj CcGKDKNZXY3+0gA5TyNOk2+YqNdsGa3P8uE0HMdorlPohppC6NIQzAyOW5cE5Z4x RxB3DLdD4JrTMGajenf3mRMp6/Vr6iPS7/pFvoN+IfCPs2UBbVpjHdqxD7xQu99J 48GtHf+qZ8xh8F2hovoTViMxXGdPWq18p5iT4b4t45eROpVqqY1xgMMCAwEAAaNP ME0wDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB /wQCMAAwGAYDVR0RBBEwD4INaW5ncmVzcy5sb2NhbDANBgkqhkiG9w0BAQsFAAOC AQEAJo8YV/UfoF8+a1CqEOY5gwonzVQlbtouNso+6usao2O1QWKZcgTMzITbgeRl amQ5uirBjSvSxthVU/NZ0AF/WcGLeCYmlrp6BQV1vAWCF54CjlGg7BFKYRTh5/5k QzVUoGZgDEEJXRDFihxpstSzcCLEGMB56qYvsX+sk/JvKgE9DKZLuH0nBc0KUi2S n3TD7x22uE4gSViWpIi87cwmjEJNJCowL63YiqJESAqaaUknEV0ofl1votv4OirQ gPWuWm7tma/oz9fTvFIiEUQgs8yl8Y3M1WMpKJBf372R1q7L2eCkA7tVNmO3DFjm mw/+inCvVW3WY58MDbtjvocL8w== -----END CERTIFICATE----- --- Server certificate subject=O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate issuer=O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 1443 bytes and written 417 bytes Verification error: certificate has expired --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 10 (certificate has expired) --- DONE