Namecheap.com

SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname: Doesn't match Common Name or/and SANs
Expired: No (291 days till expiration)
Public Key: We were unable to find any issues in the public key of end-entity certificate
Trusted: The end-entity certificate is self-signed
Self-Signed: Yes, the end-entity certificate is self-signed
Chain Issues: The chain doesn't contain any intermediate certificates
Weak signatures: No, certificates sent by the server were not signed utilizing a weak hash function

DNS Information

Resolves To: 58.69.164.60
Reverse IP lookup: 58.69.164.60.pldt.net.
Nameserver: ns73.domaincontrol.com.
Nameserver: ns74.domaincontrol.com.

General Information

Common Name: Kubernetes Ingress Controller Fake Certificate
SANs: DNS:ingress.local Total number of SANs: 1
Organization: Acme Co
Signature Algorithm: sha256WithRSAEncryption
Key Type: RSA
Key size: 2048 bits
Serial Number: 9e811f897a66ca286b42b041a8437069
Not Before: Jul 20, 2022 17:05:54 GMT
Not After: Jul 20, 2023 17:05:54 GMT
Number of certs: 1
Revocation Status: Certificate does not supply CA Issuers information
OCSP Stapling: Not Supported
Server: Not Provided
HSTS: max-age=15724800; includeSubDomains
HPKP: Not Supported

Chain Information

Certificate # 1 - Common Name: Kubernetes Ingress Controller Fake Certificate

Decode this certificate for verbose information →
Subject Common Name Kubernetes Ingress Controller Fake Certificate
Subject Organization Acme Co
Issuer Common Name Kubernetes Ingress Controller Fake Certificate
Issuer Organization Acme Co
Not Before: Jul 20, 2022 17:05:54 GMT
Not After: Jul 20, 2023 17:05:54 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 9e811f897a66ca286b42b041a8437069
SHA1 Fingerprint: AC:1F:36:0C:A8:D1:52:32:FE:77:90:51:1F:E1:DD:2B:9B:24:4F:00
MD5 Fingerprint: F2:22:5D:09:C6:21:38:67:07:76:2F:0E:81:C0:19:BA

OpenSSL Handshake

depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
verify error:num=21:unable to verify the first certificate
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
 0 s:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
   i:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
-----BEGIN CERTIFICATE-----
MIIDcDCCAligAwIBAgIRAJ6BH4l6Zsooa0KwQahDcGkwDQYJKoZIhvcNAQELBQAw
SzEQMA4GA1UEChMHQWNtZSBDbzE3MDUGA1UEAxMuS3ViZXJuZXRlcyBJbmdyZXNz
IENvbnRyb2xsZXIgRmFrZSBDZXJ0aWZpY2F0ZTAeFw0yMjA3MjAxNzA1NTRaFw0y
MzA3MjAxNzA1NTRaMEsxEDAOBgNVBAoTB0FjbWUgQ28xNzA1BgNVBAMTLkt1YmVy
bmV0ZXMgSW5ncmVzcyBDb250cm9sbGVyIEZha2UgQ2VydGlmaWNhdGUwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3OJLFDDHl2OIkruLPv0pKhB3Jm6W+
0fNUMTAafoIrvLrbEeS6VvPFs1nlFnMakrxEZZ72D+yeKG2mENbm1LlMtKLY0jRo
oTnT8yClzc3lbod3JJA3R35qdVSx+6gUTeHQDPWiqyBBOJqorVv943mZTrkce++P
E5vZukioDvmhbJI4FaZxJXBzzqcQ2PfQ/A88nVhhH0DGrJotE0f/+G6uxAla0ar3
uX8t9RDNDRwdYHSJnAjTgv+ShbBdCkjS3xLh+qg8EyHOXJ+VEPRcdv3yxKnrtNia
l3NclUKeYWzxUfsmlU4BUXUKL7gHYqZ0TqkkJG1eG1xH8xb/C8+G7u3RAgMBAAGj
TzBNMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMB
Af8EAjAAMBgGA1UdEQQRMA+CDWluZ3Jlc3MubG9jYWwwDQYJKoZIhvcNAQELBQAD
ggEBAEcBx4js3fm6DTQqvj+w0I5yzLKMD+vZLmvxCBpepz4/ZCPZBq/Do9Im+tWr
WAbXVlHp8g1wq+3R8GMcEa4XjurprrOGZJ9o2qJu4W2NfASSrH38o4HME5hO+8wH
+ubYokDug1zqo3GqxFac2zSmR8ljPbf/6CCXt85Xu3uYCUyn7IRsofEAJxCKQ2u3
Nv8SwOj8rTKd6QFiBAPDUKLTqkKxbkhDBwQJ/Bd+OnGg0Njqs156qpriC4H4nVqT
e8gW+kgXyB7ubnBgODB/5ITqlBC1KxCDROp/VoSm71Ibhg1blZKUpIO6hlS0Wmbj
93ZvRojzPZk98121EBXzwrYSHW8=
-----END CERTIFICATE-----
---
Server certificate
subject=/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
issuer=/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1366 bytes and written 313 bytes
Verification error: unable to verify the first certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: A9D526870AB7BC5169DE7B13D96336BA06E0FFB4E0E3C02162526AE6B2013628
    Session-ID-ctx: 
    Master-Key: F175C8169CA82CAA62E44EDF96CDB25290B361BCB6402703261D516CE392D51BB5A95EAEB6E85BB43E6B0F271FADE380
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1664656336
    Timeout   : 7200 (sec)
    Verify return code: 21 (unable to verify the first certificate)
    Extended master secret: yes
---
DONE