SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
Hostname: | done Matches Common Name or/and SAN |
Expired: | done No (18 days till expiration) |
Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
Trusted: | close We were unable to verify this certificate |
Self-Signed: | done No, the end-entity certificate is not self-signed |
Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
Resolves To: | 3.217.52.125 |
Reverse IP lookup: | ec2-3-217-52-125.compute-1.amazonaws.com. |
Nameserver: | dns1.p08.nsone.net. |
Nameserver: | dns2.p08.nsone.net. |
Nameserver: | dns3.p08.nsone.net. |
Nameserver: | dns4.p08.nsone.net. |
Nameserver: | ns01.ttddnnss.com. |
Nameserver: | ns02.ttddnnss.com. |
Nameserver: | ns03.ttddnnss.com. |
Nameserver: | ns04.ttddnnss.com. |
General Information
Common Name: | *.adsrvr.org |
SANs: | DNS:*.adsrvr.orgDNS:adsrvr.org Total number of SANs: 2 |
Signature Algorithm: | sha256WithRSAEncryption |
Key Type: | RSA |
Key size: | 2048 bits |
Serial Number: | 45db5bdf451359d38642a5fb |
Not Before: | Apr 12, 2023 16:51:15 GMT |
Not After: | May 13, 2024 16:51:14 GMT |
Number of certs: | 2 |
Revocation Status: | good |
OCSP Stapling: | Not Supported |
Server: | Microsoft-IIS/10.0 |
HSTS: | Not Supported |
HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: *.adsrvr.org
Decode this certificate for verbose information → launchSubject Common Name | *.adsrvr.org |
Issuer Common Name | GlobalSign GCC R3 DV TLS CA 2020 |
Issuer Organization | GlobalSign nv-sa |
Not Before: | Apr 12, 2023 16:51:15 GMT |
Not After: | May 13, 2024 16:51:14 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 45db5bdf451359d38642a5fb |
SHA1 Fingerprint: | B7:58:8B:E2:97:FD:5A:E4:32:4B:94:39:CA:21:4C:37:D4:A1:E4:4A |
MD5 Fingerprint: | F7:9C:51:41:DF:51:CF:FD:9E:9C:EA:4C:70:36:58:8A |
Certificate # 2 - Common Name: GlobalSign GCC R3 DV TLS CA 2020
Decode this certificate for verbose information → launchIn place? | Yes, this certificate directly certifies the preceding one |
Subject Common Name | GlobalSign GCC R3 DV TLS CA 2020 |
Subject Organization | GlobalSign nv-sa |
Issuer Common Name | GlobalSign |
Issuer Organization | GlobalSign |
Not Before: | Jul 28, 2020 00:00:00 GMT |
Not After: | Mar 18, 2029 00:00:00 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 77bd0e0742d5d9e9d049d774d02a6f9a |
SHA1 Fingerprint: | 1C:61:0A:0A:87:D4:92:F4:83:22:C2:AF:D3:BE:9B:6A:D3:6B:6B:EE |
MD5 Fingerprint: | A6:E7:E3:48:48:27:FD:C4:E0:C9:16:5B:AA:82:C7:4C |
OpenSSL Handshake
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020 verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 CN = *.adsrvr.org verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = *.adsrvr.org i:C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020 -----BEGIN CERTIFICATE----- MIIGSTCCBTGgAwIBAgIMRdtb30UTWdOGQqX7MA0GCSqGSIb3DQEBCwUAMFMxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSkwJwYDVQQDEyBH bG9iYWxTaWduIEdDQyBSMyBEViBUTFMgQ0EgMjAyMDAeFw0yMzA0MTIxNjUxMTVa Fw0yNDA1MTMxNjUxMTRaMBcxFTATBgNVBAMMDCouYWRzcnZyLm9yZzCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAPV3HolKV05QPl2Y1gdK+fwH25sy4rp1 hP0MPhc03odT9SBv5hfQXC1ovRf0NGGJhEJpgFMYRO8ktoe1io66m86pzoNC8bqA ONj1qE+Uo29a7dkKAaZWGf68KM/1bbttjla0t0aKwZsDJfVw9Jnj2yhdatXbmJ2e bU4nU0DjHPEwVbubgYk7rdiCPyP2IjHJxaC6qmU/wBcKDap98w3oCGs+LRQhXADq m8S5jkMOa37ZfLMdmP3x3hKhBM6DFnb60xpY2lIm0z1BNGBLqKcPnPGbFSCEHEMc kmUW+yJ4ucp/+Wb91+qYin9jYq4NbfgzVFwgl/JSEUbmes49NKU5omsCAwEAAaOC A1cwggNTMA4GA1UdDwEB/wQEAwIFoDCBkwYIKwYBBQUHAQEEgYYwgYMwRgYIKwYB BQUHMAKGOmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2Nj cjNkdnRsc2NhMjAyMC5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLmdsb2Jh bHNpZ24uY29tL2dzZ2NjcjNkdnRsc2NhMjAyMDBWBgNVHSAETzBNMEEGCSsGAQQB oDIBCjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9y ZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIwADBBBgNVHR8EOjA4MDagNKAy hjBodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzZ2NjcjNkdnRsc2NhMjAyMC5j cmwwIwYDVR0RBBwwGoIMKi5hZHNydnIub3JnggphZHNydnIub3JnMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBQNmMBzf6u9vdlHS0mt CkoMrD7HfDAdBgNVHQ4EFgQUabYCIOeOXKYFvQTF3NPslCg89WMwggF/BgorBgEE AdZ5AgQCBIIBbwSCAWsBaQB2AHPZnokbTJZ4oCB9R53mssYc0FFecRkqjGuAEHrB d3K1AAABh3ZhASoAAAQDAEcwRQIgHedclYB5CYoAlZ9ElHZe/vz5CLljgIeYxz0N Gc9c2WYCIQDuj1zGuJpOeT8FcjGqA9Bfkk5HqU47SqsOvlU3pn6Q1wB3AEiw42va pkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABh3ZhAUoAAAQDAEgwRgIhAOYc uaVjK/DGp5ovNP9wf00sNX88XmzZDZG84eLSpOT3AiEAunfPwnVm0/ZbDS0uSnS6 y0LXZFGDzMwTfLUJo/kXesIAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlG cR+1mwAAAYd2YQECAAAEAwBHMEUCIQCJWss5BMQYokeCw+10ljrDkX3udYVE+5AP qMEYI2VJBAIga8+u/ry/iB7d7Pv3ITQLxZIQdqXUBwgWGQOgT2zQDucwDQYJKoZI hvcNAQELBQADggEBAEj6NW5zkRZ7qX9KY/t7B5qnyH0iK0ZsIU6xPcskp2D/a5Rs 1SCHh7XmLJRRlF9KTmW690kA7xhOP72gXLJt7fkKZ7dhykFPTnDVp7t6aFvyqm1E 6e77Nq7ahxcEswiUULm4oW0UngRk8PYu/Fz7eXEVRrdM53sS2OKZQEApqLMnbAp8 e+QysHi89q+ts3wpp+zANf8dWkYx7UCQQ7CGTl57TH/BU1HZGq5J42DclSlod0Wi XgjVjAUMTNKffmM+RGKOEm+bcYbF57RiyXiApFvtyi1wO2QcFDG2ymKonMT6vvRh Kz3R/MxnFn1bbecW77ZWpxjSq1rN53xDzbkkvaw= -----END CERTIFICATE----- 1 s:C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020 i:OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign -----BEGIN CERTIFICATE----- MIIEsDCCA5igAwIBAgIQd70OB0LV2enQSdd00CpvmjANBgkqhkiG9w0BAQsFADBM MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y OTAzMTgwMDAwMDBaMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu IG52LXNhMSkwJwYDVQQDEyBHbG9iYWxTaWduIEdDQyBSMyBEViBUTFMgQ0EgMjAy MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxnlJV/de+OpwyvCXAJ IcxPCqkFPh1lttW2oljS3oUqPKq8qX6m7K0OVKaKG3GXi4CJ4fHVUgZYE6HRdjqj hhnuHY6EBCBegcUFgPG0scB12Wi8BHm9zKjWxo3Y2bwhO8Fvr8R42pW0eINc6OTb QXC0VWFCMVzpcqgz6X49KMZowAMFV6XqtItcG0cMS//9dOJs4oBlpuqX9INxMTGp 6EASAF9cnlAGy/RXkVS9nOLCCa7pCYV+WgDKLTF+OK2Vxw3RUJ/p8009lQeUARv2 UCcNNPCifYX1xIspvarkdjzLwzOdLahDdQbJON58zN4V+lMj0msg+c0KnywPIRp3 BMkCAwEAAaOCAYUwggGBMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUDZjA c3+rvb3ZR0tJrQpKDKw+x3wwHwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLd G7wwewYIKwYBBQUHAQEEbzBtMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcDIuZ2xv YmFsc2lnbi5jb20vcm9vdHIzMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJlLmds b2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIzLmNydDA2BgNVHR8ELzAtMCugKaAn hiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjMuY3JsMEcGA1UdIARA MD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWdu LmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAy8j/c550ea86oCkf r2W+ptTCYe6iVzvo7H0V1vUEADJOWelTv07Obf+YkEatdN1Jg09ctgSNv2h+LMTk KRZdAXmsE3N5ve+z1Oa9kuiu7284LjeS09zHJQB4DJJJkvtIbjL/ylMK1fbMHhAW i0O194TWvH3XWZGXZ6ByxTUIv1+kAIql/Mt29PmKraTT5jrzcVzQ5A9jw16yysuR XRrLODlkS1hyBjsfyTNZrmL1h117IFgntBA5SQNVl9ckedq5r4RSAU85jV8XK5UL REjRZt2I6M9Po9QL7guFLu4sPFJpwR1sPJvubS2THeo7SxYoNDtdyBHs7euaGcMa D/fayQ== -----END CERTIFICATE----- --- Server certificate subject=CN = *.adsrvr.org issuer=C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3457 bytes and written 447 bytes Verification error: unable to get local issuer certificate --- New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 57A2450D3BC3126A8220C8EB68E10624CBB883CA9BE7FF7702F1014793D50EE2 Session-ID-ctx: Master-Key: 5DEA1DCC5B76A30CD48F52C92DBAF2E2BBBEFED4750D3B17AC3C10CCC6D32422807CF427BABBA0B1D1B245724B280BFD PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 86400 (seconds) TLS session ticket: 0000 - b6 38 e4 e1 ee d0 00 3e-8d 29 08 5a 5c ab 38 ca .8.....>.).Z\.8. 0010 - a8 40 ae 55 8d 05 3d 91-57 af a0 91 ca 58 37 cc .@.U..=.W....X7. 0020 - 93 19 b2 b8 76 e3 ba 0b-69 07 37 4b a5 75 0f 89 ....v...i.7K.u.. 0030 - 91 ab 9f 37 ac ed b9 a3-45 92 8c c8 e0 e5 fb 42 ...7....E......B 0040 - a9 3b 11 b5 06 01 38 9d-7c 82 12 5a f9 c8 42 5e .;....8.|..Z..B^ 0050 - 36 53 a2 39 7e ec 59 07-21 21 de 95 cb 86 d6 11 6S.9~.Y.!!...... 0060 - 92 db 9a 3c 20 f0 69 f2-94 ...< .i.. Start Time: 1714023369 Timeout : 7200 (sec) Verify return code: 20 (unable to get local issuer certificate) Extended master secret: yes --- DONE