SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
Hostname: | close Doesn't match Common Name or/and SANs |
Expired: | done No (67 days till expiration) |
Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
Trusted: | done Yes, we were able to verify the certificate |
Self-Signed: | done No, the end-entity certificate is not self-signed |
Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
CNAME: | clarity-tec.com. |
Resolves To: | 136.243.94.161 |
Reverse IP lookup: | static.161.94.243.136.clients.your-server.de. |
Nameserver: | ns3.stratoserver.net. |
Nameserver: | ns4.stratoserver.net. |
General Information
Common Name: | ama-demo.clarity-tec.com |
SANs: | DNS:ama-demo.clarity-tec.com Total number of SANs: 1 |
Signature Algorithm: | sha256WithRSAEncryption |
Key Type: | RSA |
Key size: | 2048 bits |
Serial Number: | 3f6b0e4e91344d14ac22b9b963570eadec8 |
Not Before: | Jul 04, 2024 18:26:22 GMT |
Not After: | Oct 02, 2024 18:26:21 GMT |
Number of certs: | 2 |
Revocation Status: | good |
OCSP Stapling: | Not Supported |
Server: | nginx/1.18.0 (Ubuntu) |
HSTS: | Not Supported |
HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: ama-demo.clarity-tec.com
Decode this certificate for verbose information → launchSubject Common Name | ama-demo.clarity-tec.com |
Issuer Common Name | R11 |
Issuer Organization | Let's Encrypt |
Not Before: | Jul 04, 2024 18:26:22 GMT |
Not After: | Oct 02, 2024 18:26:21 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 3f6b0e4e91344d14ac22b9b963570eadec8 |
SHA1 Fingerprint: | F3:59:99:BE:52:18:AF:61:24:A3:FF:13:A8:90:4C:EE:07:14:01:FF |
MD5 Fingerprint: | 92:71:C4:E2:9B:61:44:3C:0F:52:D6:66:0B:84:4A:54 |
Certificate # 2 - Common Name: R11
Decode this certificate for verbose information → launchIn place? | Yes, this certificate directly certifies the preceding one |
Subject Common Name | R11 |
Subject Organization | Let's Encrypt |
Issuer Common Name | ISRG Root X1 |
Issuer Organization | Internet Security Research Group |
Not Before: | Mar 13, 2024 00:00:00 GMT |
Not After: | Mar 12, 2027 23:59:59 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 8a7d3e13d62f30ef2386bd29076b34f8 |
SHA1 Fingerprint: | 69:6D:B3:AF:0D:FF:C1:7E:65:C6:A2:0D:92:5C:5A:7B:D2:4D:EC:7E |
MD5 Fingerprint: | 2F:AC:04:55:31:47:F4:6A:49:DF:9B:4E:BE:A6:DF:43 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R11 verify return:1 depth=0 CN = ama-demo.clarity-tec.com verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = ama-demo.clarity-tec.com i:C = US, O = Let's Encrypt, CN = R11 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISA/aw5OkTRNFKwiubljVw6t7IMA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTEwHhcNMjQwNzA0MTgyNjIyWhcNMjQxMDAyMTgyNjIxWjAjMSEwHwYDVQQD ExhhbWEtZGVtby5jbGFyaXR5LXRlYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIz+7cWR/EmICzdb9Idl7RbmP3v0S3jiPauT5fVnQ5IhNTwcGx nFosB/Yc0cFQkXYQRIbZsCyn9RJh7PzSIr8FbvLu5keNnZDsMGXa9GA9WrJCOk8o tqMyD0x+bevwJai3VmpU43+qXM+JkeHOQn0mcz406GvUPj4kqpYBb6eB/w3dq4cS H+gXRC0HeQLqgHcZsvCgwVprtz2SXPATBg/6PXoCsqrbmr87so1YCmDE/rKUG9LC TCFaXhy1syBUCZz8rnnYLm55xhFvuaGTENhbFmiwokki9KSbaSNn2q6EANqCw032 Nvs29A26WdwFTn++pJkYVDufz7B6n6byALERAgMBAAGjggIcMIICGDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFC+ZA4HQfo0cIgNvGA9acIackOoBMB8GA1UdIwQYMBaA FMXPRqTq9MPAemyVxC2wXpIvJuO5MFcGCCsGAQUFBwEBBEswSTAiBggrBgEFBQcw AYYWaHR0cDovL3IxMS5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDovL3Ix MS5pLmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIYYW1hLWRlbW8uY2xhcml0eS10ZWMu Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw AHYA3+FW66oFr7WcD4ZxjajAMk6uVtlup/WlagHRwTu+UlwAAAGQfzZKjQAABAMA RzBFAiEAneytPklOG6pcxRWH8eNNxyWDhk9cIzEIM7GV9KyMNcgCIB2jlIkTv/jC fYcqsbEWo3HKk75rWE0gjJfCytOAQRR+AHYASLDja9qmRzQP5WoC+p0w6xxSActW 3SyB2bu/qznYhHMAAAGQfzZJswAABAMARzBFAiBV27gEU0EPzCeodkFC9szTSvOC IzTnDnTM7kXWFTjr4gIhAN3HQVfWoVvVjuQ3J8jhO2Pj0YCjc/Jy6FpovaDB5jSS MA0GCSqGSIb3DQEBCwUAA4IBAQCIVKRlBCirBR0U8T4zdue6qKmLMzUo5un4BMh7 2soINMmZbYEz6eu4EFjHXLp/QG9xUg2sNeN59wJs+kWVsrTQHQfTYX4e48t9w4GA AFH9/PaGexIhNFf+XPwFOO2wTi5CI0z2GS8ieAzYtLx+XQL78pRGMOXq0UsUIj+/ 62tEIIb3x7bsBhI0N3OFWFGH7aES7u5EvJ63XAjoqxAaGIdO1WGJ3tel0Kh+Mk+g jNEGe0tLqv/+DON8QOYPSGTAYym5HjPQ0rdLndHXOv0hz0BZR8acHpXlsJaruUJb 2+VQAsl+56TC9OzhwJJn+MF5wZfSdnLVAUPcoG9QPcOE4/ua -----END CERTIFICATE----- 1 s:C = US, O = Let's Encrypt, CN = R11 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 -----BEGIN CERTIFICATE----- MIIFBjCCAu6gAwIBAgIRAIp9PhPWLzDvI4a9KQdrNPgwDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw WhcNMjcwMzEyMjM1OTU5WjAzMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDEMMAoGA1UEAxMDUjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAuoe8XBsAOcvKCs3UZxD5ATylTqVhyybKUvsVAbe5KPUoHu0nsyQYOWcJ DAjs4DqwO3cOvfPlOVRBDE6uQdaZdN5R2+97/1i9qLcT9t4x1fJyyXJqC4N0lZxG AGQUmfOx2SLZzaiSqhwmej/+71gFewiVgdtxD4774zEJuwm+UE1fj5F2PVqdnoPy 6cRms+EGZkNIGIBloDcYmpuEMpexsr3E+BUAnSeI++JjF5ZsmydnS8TbKF5pwnnw SVzgJFDhxLyhBax7QG0AtMJBP6dYuC/FXJuluwme8f7rsIU5/agK70XEeOtlKsLP Xzze41xNG/cLJyuqC0J3U095ah2H2QIDAQABo4H4MIH1MA4GA1UdDwEB/wQEAwIB hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB /wIBADAdBgNVHQ4EFgQUxc9GpOr0w8B6bJXELbBeki8m47kwHwYDVR0jBBgwFoAU ebRZ5nu25eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAC hhZodHRwOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcG A1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcN AQELBQADggIBAE7iiV0KAxyQOND1H/lxXPjDj7I3iHpvsCUf7b632IYGjukJhM1y v4Hz/MrPU0jtvfZpQtSlET41yBOykh0FX+ou1Nj4ScOt9ZmWnO8m2OG0JAtIIE38 01S0qcYhyOE2G/93ZCkXufBL713qzXnQv5C/viOykNpKqUgxdKlEC+Hi9i2DcaR1 e9KUwQUZRhy5j/PEdEglKg3l9dtD4tuTm7kZtB8v32oOjzHTYw+7KdzdZiw/sBtn UfhBPORNuay4pJxmY/WrhSMdzFO2q3Gu3MUBcdo27goYKjL9CTF8j/Zz55yctUoV aneCWs/ajUX+HypkBTA+c8LGDLnWO2NKq0YD/pnARkAnYGPfUDoHR9gVSp/qRx+Z WghiDLZsMwhN1zjtSC0uBWiugF3vTNzYIEFfaPG7Ws3jDrAMMYebQ95JQ+HIBD/R PBuHRTBpqKlyDnkSHDHYPiNX3adPoPAcgdF3H2/W0rmoswMWgTlLn1Wu0mrks7/q pdWfS6PJ1jty80r2VKsM/Dj3YIDfbjXKdaFU5C+8bhfJGqU3taKauuz0wHVGT3eo 6FlWkWYtbt4pgdamlwVeZEW+LM7qZEJEsMNPrfC03APKmZsJgpWCDWOKZvkZcvjV uYkQ4omYCTX5ohy+knMjdOmdH9c7SpqEWBDC86fiNex+O0XOMEZSa8DA -----END CERTIFICATE----- --- Server certificate subject=CN = ama-demo.clarity-tec.com issuer=C = US, O = Let's Encrypt, CN = R11 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 3139 bytes and written 415 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- DONE