SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
| Hostname: | close Doesn't match Common Name or/and SANs |
| Expired: | done No (172 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | close The end-entity certificate is self-signed |
| Self-Signed: | close Yes, the end-entity certificate is self-signed |
| Chain Issues: | close The chain doesn't contain any intermediate certificates |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
DNS Information
| Resolves To: | 58.69.164.60 |
| Reverse IP lookup: | 58.69.164.60.pldt.net. |
| Nameserver: | ns73.domaincontrol.com. |
| Nameserver: | ns74.domaincontrol.com. |
General Information
| Common Name: | Kubernetes Ingress Controller Fake Certificate |
| SANs: | DNS:ingress.local Total number of SANs: 1 |
| Organization: | Acme Co |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 9e811f897a66ca286b42b041a8437069 |
| Not Before: | Jul 20, 2022 17:05:54 GMT |
| Not After: | Jul 20, 2023 17:05:54 GMT |
| Number of certs: | 1 |
| Revocation Status: | Certificate does not supply CA Issuers information |
| OCSP Stapling: | Not Supported |
| Server: | Not Provided |
| HSTS: | max-age=15724800; includeSubDomains |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: Kubernetes Ingress Controller Fake Certificate
Decode this certificate for verbose information → launch| Subject Common Name | Kubernetes Ingress Controller Fake Certificate |
| Subject Organization | Acme Co |
| Issuer Common Name | Kubernetes Ingress Controller Fake Certificate |
| Issuer Organization | Acme Co |
| Not Before: | Jul 20, 2022 17:05:54 GMT |
| Not After: | Jul 20, 2023 17:05:54 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 9e811f897a66ca286b42b041a8437069 |
| SHA1 Fingerprint: | AC:1F:36:0C:A8:D1:52:32:FE:77:90:51:1F:E1:DD:2B:9B:24:4F:00 |
| MD5 Fingerprint: | F2:22:5D:09:C6:21:38:67:07:76:2F:0E:81:C0:19:BA |
OpenSSL Handshake
depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=18:self signed certificate verify return:1 depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate i:O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate -----BEGIN CERTIFICATE----- MIIDcDCCAligAwIBAgIRAJ6BH4l6Zsooa0KwQahDcGkwDQYJKoZIhvcNAQELBQAw SzEQMA4GA1UEChMHQWNtZSBDbzE3MDUGA1UEAxMuS3ViZXJuZXRlcyBJbmdyZXNz IENvbnRyb2xsZXIgRmFrZSBDZXJ0aWZpY2F0ZTAeFw0yMjA3MjAxNzA1NTRaFw0y MzA3MjAxNzA1NTRaMEsxEDAOBgNVBAoTB0FjbWUgQ28xNzA1BgNVBAMTLkt1YmVy bmV0ZXMgSW5ncmVzcyBDb250cm9sbGVyIEZha2UgQ2VydGlmaWNhdGUwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3OJLFDDHl2OIkruLPv0pKhB3Jm6W+ 0fNUMTAafoIrvLrbEeS6VvPFs1nlFnMakrxEZZ72D+yeKG2mENbm1LlMtKLY0jRo oTnT8yClzc3lbod3JJA3R35qdVSx+6gUTeHQDPWiqyBBOJqorVv943mZTrkce++P E5vZukioDvmhbJI4FaZxJXBzzqcQ2PfQ/A88nVhhH0DGrJotE0f/+G6uxAla0ar3 uX8t9RDNDRwdYHSJnAjTgv+ShbBdCkjS3xLh+qg8EyHOXJ+VEPRcdv3yxKnrtNia l3NclUKeYWzxUfsmlU4BUXUKL7gHYqZ0TqkkJG1eG1xH8xb/C8+G7u3RAgMBAAGj TzBNMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMB Af8EAjAAMBgGA1UdEQQRMA+CDWluZ3Jlc3MubG9jYWwwDQYJKoZIhvcNAQELBQAD ggEBAEcBx4js3fm6DTQqvj+w0I5yzLKMD+vZLmvxCBpepz4/ZCPZBq/Do9Im+tWr WAbXVlHp8g1wq+3R8GMcEa4XjurprrOGZJ9o2qJu4W2NfASSrH38o4HME5hO+8wH +ubYokDug1zqo3GqxFac2zSmR8ljPbf/6CCXt85Xu3uYCUyn7IRsofEAJxCKQ2u3 Nv8SwOj8rTKd6QFiBAPDUKLTqkKxbkhDBwQJ/Bd+OnGg0Njqs156qpriC4H4nVqT e8gW+kgXyB7ubnBgODB/5ITqlBC1KxCDROp/VoSm71Ibhg1blZKUpIO6hlS0Wmbj 93ZvRojzPZk98121EBXzwrYSHW8= -----END CERTIFICATE----- --- Server certificate subject=O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate issuer=O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 1444 bytes and written 417 bytes Verification error: self signed certificate --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 18 (self signed certificate) --- DONE