SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (18 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | close We were unable to verify this certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| Resolves To: | 3.217.52.125 |
| Reverse IP lookup: | ec2-3-217-52-125.compute-1.amazonaws.com. |
| Nameserver: | dns1.p08.nsone.net. |
| Nameserver: | dns2.p08.nsone.net. |
| Nameserver: | dns3.p08.nsone.net. |
| Nameserver: | dns4.p08.nsone.net. |
| Nameserver: | ns01.ttddnnss.com. |
| Nameserver: | ns02.ttddnnss.com. |
| Nameserver: | ns03.ttddnnss.com. |
| Nameserver: | ns04.ttddnnss.com. |
General Information
| Common Name: | *.adsrvr.org |
| SANs: | DNS:*.adsrvr.orgDNS:adsrvr.org Total number of SANs: 2 |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 45db5bdf451359d38642a5fb |
| Not Before: | Apr 12, 2023 16:51:15 GMT |
| Not After: | May 13, 2024 16:51:14 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Not Supported |
| Server: | Microsoft-IIS/10.0 |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: *.adsrvr.org
Decode this certificate for verbose information → launch| Subject Common Name | *.adsrvr.org |
| Issuer Common Name | GlobalSign GCC R3 DV TLS CA 2020 |
| Issuer Organization | GlobalSign nv-sa |
| Not Before: | Apr 12, 2023 16:51:15 GMT |
| Not After: | May 13, 2024 16:51:14 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 45db5bdf451359d38642a5fb |
| SHA1 Fingerprint: | B7:58:8B:E2:97:FD:5A:E4:32:4B:94:39:CA:21:4C:37:D4:A1:E4:4A |
| MD5 Fingerprint: | F7:9C:51:41:DF:51:CF:FD:9E:9C:EA:4C:70:36:58:8A |
Certificate # 2 - Common Name: GlobalSign GCC R3 DV TLS CA 2020
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | GlobalSign GCC R3 DV TLS CA 2020 |
| Subject Organization | GlobalSign nv-sa |
| Issuer Common Name | GlobalSign |
| Issuer Organization | GlobalSign |
| Not Before: | Jul 28, 2020 00:00:00 GMT |
| Not After: | Mar 18, 2029 00:00:00 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 77bd0e0742d5d9e9d049d774d02a6f9a |
| SHA1 Fingerprint: | 1C:61:0A:0A:87:D4:92:F4:83:22:C2:AF:D3:BE:9B:6A:D3:6B:6B:EE |
| MD5 Fingerprint: | A6:E7:E3:48:48:27:FD:C4:E0:C9:16:5B:AA:82:C7:4C |
OpenSSL Handshake
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = *.adsrvr.org
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
0 s:CN = *.adsrvr.org
i:C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgIMRdtb30UTWdOGQqX7MA0GCSqGSIb3DQEBCwUAMFMxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSkwJwYDVQQDEyBH
bG9iYWxTaWduIEdDQyBSMyBEViBUTFMgQ0EgMjAyMDAeFw0yMzA0MTIxNjUxMTVa
Fw0yNDA1MTMxNjUxMTRaMBcxFTATBgNVBAMMDCouYWRzcnZyLm9yZzCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAPV3HolKV05QPl2Y1gdK+fwH25sy4rp1
hP0MPhc03odT9SBv5hfQXC1ovRf0NGGJhEJpgFMYRO8ktoe1io66m86pzoNC8bqA
ONj1qE+Uo29a7dkKAaZWGf68KM/1bbttjla0t0aKwZsDJfVw9Jnj2yhdatXbmJ2e
bU4nU0DjHPEwVbubgYk7rdiCPyP2IjHJxaC6qmU/wBcKDap98w3oCGs+LRQhXADq
m8S5jkMOa37ZfLMdmP3x3hKhBM6DFnb60xpY2lIm0z1BNGBLqKcPnPGbFSCEHEMc
kmUW+yJ4ucp/+Wb91+qYin9jYq4NbfgzVFwgl/JSEUbmes49NKU5omsCAwEAAaOC
A1cwggNTMA4GA1UdDwEB/wQEAwIFoDCBkwYIKwYBBQUHAQEEgYYwgYMwRgYIKwYB
BQUHMAKGOmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2Nj
cjNkdnRsc2NhMjAyMC5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLmdsb2Jh
bHNpZ24uY29tL2dzZ2NjcjNkdnRsc2NhMjAyMDBWBgNVHSAETzBNMEEGCSsGAQQB
oDIBCjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9y
ZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIwADBBBgNVHR8EOjA4MDagNKAy
hjBodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzZ2NjcjNkdnRsc2NhMjAyMC5j
cmwwIwYDVR0RBBwwGoIMKi5hZHNydnIub3JnggphZHNydnIub3JnMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBQNmMBzf6u9vdlHS0mt
CkoMrD7HfDAdBgNVHQ4EFgQUabYCIOeOXKYFvQTF3NPslCg89WMwggF/BgorBgEE
AdZ5AgQCBIIBbwSCAWsBaQB2AHPZnokbTJZ4oCB9R53mssYc0FFecRkqjGuAEHrB
d3K1AAABh3ZhASoAAAQDAEcwRQIgHedclYB5CYoAlZ9ElHZe/vz5CLljgIeYxz0N
Gc9c2WYCIQDuj1zGuJpOeT8FcjGqA9Bfkk5HqU47SqsOvlU3pn6Q1wB3AEiw42va
pkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABh3ZhAUoAAAQDAEgwRgIhAOYc
uaVjK/DGp5ovNP9wf00sNX88XmzZDZG84eLSpOT3AiEAunfPwnVm0/ZbDS0uSnS6
y0LXZFGDzMwTfLUJo/kXesIAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlG
cR+1mwAAAYd2YQECAAAEAwBHMEUCIQCJWss5BMQYokeCw+10ljrDkX3udYVE+5AP
qMEYI2VJBAIga8+u/ry/iB7d7Pv3ITQLxZIQdqXUBwgWGQOgT2zQDucwDQYJKoZI
hvcNAQELBQADggEBAEj6NW5zkRZ7qX9KY/t7B5qnyH0iK0ZsIU6xPcskp2D/a5Rs
1SCHh7XmLJRRlF9KTmW690kA7xhOP72gXLJt7fkKZ7dhykFPTnDVp7t6aFvyqm1E
6e77Nq7ahxcEswiUULm4oW0UngRk8PYu/Fz7eXEVRrdM53sS2OKZQEApqLMnbAp8
e+QysHi89q+ts3wpp+zANf8dWkYx7UCQQ7CGTl57TH/BU1HZGq5J42DclSlod0Wi
XgjVjAUMTNKffmM+RGKOEm+bcYbF57RiyXiApFvtyi1wO2QcFDG2ymKonMT6vvRh
Kz3R/MxnFn1bbecW77ZWpxjSq1rN53xDzbkkvaw=
-----END CERTIFICATE-----
1 s:C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
i:OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
-----BEGIN CERTIFICATE-----
MIIEsDCCA5igAwIBAgIQd70OB0LV2enQSdd00CpvmjANBgkqhkiG9w0BAQsFADBM
MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y
OTAzMTgwMDAwMDBaMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
IG52LXNhMSkwJwYDVQQDEyBHbG9iYWxTaWduIEdDQyBSMyBEViBUTFMgQ0EgMjAy
MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxnlJV/de+OpwyvCXAJ
IcxPCqkFPh1lttW2oljS3oUqPKq8qX6m7K0OVKaKG3GXi4CJ4fHVUgZYE6HRdjqj
hhnuHY6EBCBegcUFgPG0scB12Wi8BHm9zKjWxo3Y2bwhO8Fvr8R42pW0eINc6OTb
QXC0VWFCMVzpcqgz6X49KMZowAMFV6XqtItcG0cMS//9dOJs4oBlpuqX9INxMTGp
6EASAF9cnlAGy/RXkVS9nOLCCa7pCYV+WgDKLTF+OK2Vxw3RUJ/p8009lQeUARv2
UCcNNPCifYX1xIspvarkdjzLwzOdLahDdQbJON58zN4V+lMj0msg+c0KnywPIRp3
BMkCAwEAAaOCAYUwggGBMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUDZjA
c3+rvb3ZR0tJrQpKDKw+x3wwHwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLd
G7wwewYIKwYBBQUHAQEEbzBtMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcDIuZ2xv
YmFsc2lnbi5jb20vcm9vdHIzMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJlLmds
b2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIzLmNydDA2BgNVHR8ELzAtMCugKaAn
hiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjMuY3JsMEcGA1UdIARA
MD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWdu
LmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAy8j/c550ea86oCkf
r2W+ptTCYe6iVzvo7H0V1vUEADJOWelTv07Obf+YkEatdN1Jg09ctgSNv2h+LMTk
KRZdAXmsE3N5ve+z1Oa9kuiu7284LjeS09zHJQB4DJJJkvtIbjL/ylMK1fbMHhAW
i0O194TWvH3XWZGXZ6ByxTUIv1+kAIql/Mt29PmKraTT5jrzcVzQ5A9jw16yysuR
XRrLODlkS1hyBjsfyTNZrmL1h117IFgntBA5SQNVl9ckedq5r4RSAU85jV8XK5UL
REjRZt2I6M9Po9QL7guFLu4sPFJpwR1sPJvubS2THeo7SxYoNDtdyBHs7euaGcMa
D/fayQ==
-----END CERTIFICATE-----
---
Server certificate
subject=CN = *.adsrvr.org
issuer=C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3457 bytes and written 447 bytes
Verification error: unable to get local issuer certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 57A2450D3BC3126A8220C8EB68E10624CBB883CA9BE7FF7702F1014793D50EE2
Session-ID-ctx:
Master-Key: 5DEA1DCC5B76A30CD48F52C92DBAF2E2BBBEFED4750D3B17AC3C10CCC6D32422807CF427BABBA0B1D1B245724B280BFD
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 86400 (seconds)
TLS session ticket:
0000 - b6 38 e4 e1 ee d0 00 3e-8d 29 08 5a 5c ab 38 ca .8.....>.).Z\.8.
0010 - a8 40 ae 55 8d 05 3d 91-57 af a0 91 ca 58 37 cc .@.U..=.W....X7.
0020 - 93 19 b2 b8 76 e3 ba 0b-69 07 37 4b a5 75 0f 89 ....v...i.7K.u..
0030 - 91 ab 9f 37 ac ed b9 a3-45 92 8c c8 e0 e5 fb 42 ...7....E......B
0040 - a9 3b 11 b5 06 01 38 9d-7c 82 12 5a f9 c8 42 5e .;....8.|..Z..B^
0050 - 36 53 a2 39 7e ec 59 07-21 21 de 95 cb 86 d6 11 6S.9~.Y.!!......
0060 - 92 db 9a 3c 20 f0 69 f2-94 ...< .i..
Start Time: 1714023369
Timeout : 7200 (sec)
Verify return code: 20 (unable to get local issuer certificate)
Extended master secret: yes
---
DONE