SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
check_circle
It's all good. We have not detected any issues.
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (224 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| Resolves To: | 129.121.30.155 |
| Reverse IP lookup: | ip-129-121-30-155.local. |
| Nameserver: | ns1.arvixeshared.com. |
| Nameserver: | ns2.arvixeshared.com. |
General Information
| Common Name: | belowcost.net |
| SANs: | DNS:belowcost.netDNS:www.belowcost.net Total number of SANs: 2 |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 226f49d730d552c2500bcc54a1c583d1 |
| Not Before: | Jan 12, 2020 00:00:00 GMT |
| Not After: | Jan 11, 2021 23:59:59 GMT |
| Number of certs: | 3 |
| Revocation Status: | good |
| OCSP Stapling: | Not Supported |
| Server: | Apache |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: belowcost.net
Decode this certificate for verbose information →launch| Subject Common Name | belowcost.net |
| Issuer Common Name | Sectigo RSA Domain Validation Secure Server CA |
| Issuer Organization | Sectigo Limited |
| Not Before: | Jan 12, 2020 00:00:00 GMT |
| Not After: | Jan 11, 2021 23:59:59 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 226f49d730d552c2500bcc54a1c583d1 |
| SHA1 Fingerprint: | 53:10:F6:A0:95:1F:16:78:4D:87:91:3C:3F:9E:A1:4D:C4:27:98:AD |
| MD5 Fingerprint: | AF:82:05:5F:51:0C:5D:F0:FC:F9:49:95:CC:17:FA:1E |
Certificate # 2 - Common Name: Sectigo RSA Domain Validation Secure Server CA
Decode this certificate for verbose information →launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | Sectigo RSA Domain Validation Secure Server CA |
| Subject Organization | Sectigo Limited |
| Issuer Common Name | USERTrust RSA Certification Authority |
| Issuer Organization | The USERTRUST Network |
| Not Before: | Nov 02, 2018 00:00:00 GMT |
| Not After: | Dec 31, 2030 23:59:59 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 7d5b5126b476ba11db74160bbc530da7 |
| SHA1 Fingerprint: | 33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB |
| MD5 Fingerprint: | AD:AB:5C:4D:F0:31:FB:92:99:F7:1A:DA:7E:18:F6:13 |
Certificate # 3 - Common Name: USERTrust RSA Certification Authority
Decode this certificate for verbose information →launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | USERTrust RSA Certification Authority |
| Subject Organization | The USERTRUST Network |
| Issuer Common Name | AddTrust External CA Root |
| Issuer Organization | AddTrust AB |
| Not Before: | May 30, 2000 10:48:38 GMT |
| Not After: | May 30, 2020 10:48:38 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 13ea28705bf4eced0c36630980614336 |
| SHA1 Fingerprint: | EA:B0:40:68:9A:0D:80:5B:5D:6F:D6:54:FC:16:8C:FF:00:B7:8B:E3 |
| MD5 Fingerprint: | DB:78:CB:D1:90:95:27:35:D9:40:BC:80:AC:24:32:C0 |
OpenSSL Handshake
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1
depth=0 CN = belowcost.net
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
0 s:/CN=belowcost.net
i:/C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Domain Validation Secure Server CA
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIQIm9J1zDVUsJQC8xUocWD0TANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTIwMDExMjAwMDAwMFoXDTIxMDExMTIzNTk1OVowGDEWMBQGA1UEAxMNYmVs
b3djb3N0Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANjj1/f2
1zbbpnCzRHiamiZDIYL5hxmkVC5htI9A7KN2SbhexSew1Jyzojiul9wNB9NoPjkw
vaisb8WRKZ19bhxLheIbZPRbt9I/646+fhVR6sDWjtC/NOucHxSf5A+WYgpaZ8Sr
RVmsG4NfkqgMIL5+huwhHpsmX5Qjh/+OnfUTbLAYPxh2MSO/y7xR1eEXF+DuY9kG
GQNzjvZeekZM2qikjeuJBc0tF26C+VmPEPbi7Z8XClwfXgsJcPZDBLVl3drsW9OQ
QB+LXyV9rsJeMUXiZEWukitBI5Nr4Xls6W1eDcpmXZ3dkWWRqT6INZ6Tuo2OwVbL
AxAZYtyLRs0HTmkCAwEAAaOCAogwggKEMB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb
+ZsF4bgBjWHhMB0GA1UdDgQWBBTbG/TT7W0BKN1Cz/roMZ89sL1mhDAOBgNVHQ8B
Af8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdo
dHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgw
djBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNB
RG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYX
aHR0cDovL29jc3Auc2VjdGlnby5jb20wKwYDVR0RBCQwIoINYmVsb3djb3N0Lm5l
dIIRd3d3LmJlbG93Y29zdC5uZXQwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgB9
PvL4j/+IVWgkwsDKnlKJeSvFDngJfy5ql2iZfiLw1wAAAW+alfAcAAAEAwBHMEUC
IDy7SATTdjBn3LJRBLH0dcMV5ksOiB7pp5pMq16bgXpeAiEA/YkGoV3Y7A2nX2qe
O+QgovyALk8eq2MIeL5DbWzqo8AAdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/
0zOWtbaBqAAAAW+ale34AAAEAwBHMEUCIQC5qElWqFxCtgxEhu4WM71o0HJcqYWh
PjrPeF1d7D1MngIgRcu1e9ql2gd0d2Rf7DeiEcVPao8Yo8FU7sIvZmieMFcwDQYJ
KoZIhvcNAQELBQADggEBAF98ZrHd1cPwv/KOoQBG1CtJHsdjZv7c8ViUgAIcEer4
07mozSe2OHu7P9igYPFdPx7PRBt5iUqeSBvOPzekFCgvYpuuUupi8buSElGoZMd1
YRnUalNsLMI8SZXCa/bethYAc6ZKD6CpzNgno07SkNsf9KktsxDsWMbn5NqVaSNq
/gGzNsyqa41SzkbUMyoWB4CzF3Mv3DLgCerD91IeSBLoR3wtsWqlKM1WaTT7dQZh
PR1+YWgigz5YWSpzj7zPAkKHRZvQHtgZpCy1K8meLlDkkLsSi7vXpybvzOcW0B90
1eDnExZ8+qynH6t1FE+QyfAADNj0UxkTc3pbeu2/4LM=
-----END CERTIFICATE-----
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Domain Validation Secure Server CA
i:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
-----BEGIN CERTIFICATE-----
MIIGEzCCA/ugAwIBAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBjzELMAkGA1UEBhMCR0IxGzAZBgNV
BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
ChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4g
VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1nMz1tc8INAA0hdFuNY+B6I/x0HuMjDJsGz99J/LEpgPLT+N
TQEMgg8Xf2Iu6bhIefsWg06t1zIlk7cHv7lQP6lMw0Aq6Tn/2YHKHxYyQdqAJrkj
eocgHuP/IJo8lURvh3UGkEC0MpMWCRAIIz7S3YcPb11RFGoKacVPAXJpz9OTTG0E
oKMbgn6xmrntxZ7FN3ifmgg0+1YuWMQJDgZkW7w33PGfKGioVrCSo1yfu4iYCBsk
Haswha6vsC6eep3BwEIc4gLw6uBK0u+QDrTBQBbwb4VCSmT3pDCg/r8uoydajotY
uK3DGReEY+1vVv2Dy2A0xHS+5p3b4eTlygxfFQIDAQABo4IBbjCCAWowHwYDVR0j
BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFI2MXsRUrYrhd+mb
+ZsF4bgBjWHhMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAw
CAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0
LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2Bggr
BgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNv
bS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
L29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAMr9hvQ5Iw0/H
ukdN+Jx4GQHcEx2Ab/zDcLRSmjEzmldS+zGea6TvVKqJjUAXaPgREHzSyrHxVYbH
7rM2kYb2OVG/Rr8PoLq0935JxCo2F57kaDl6r5ROVm+yezu/Coa9zcV3HAO4OLGi
H19+24rcRki2aArPsrW04jTkZ6k4Zgle0rj8nSg6F0AnwnJOKf0hPHzPE/uWLMUx
RP0T7dWbqWlod3zu4f+k+TY4CFM5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLv
xvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38
sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyAL
l6lFhd2zi+WJN44pDfwGF/Y4QA5C5BIG+3vzxhFoYt/jmPQT2BVPi7Fp2RBgvGQq
6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhY
LcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5
yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K
00u/I5sUKUErmgQfky3xxzlIPK1aEn8=
-----END CERTIFICATE-----
2 s:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIQE+oocFv07O0MNmMJgGFDNjANBgkqhkiG9w0BAQwFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAgBJlFzYOw9sIs9CsVw127c0n00yt
UINh4qogTQktZAnczomfzD2p7PbPwdzx07HWezcoEStH2jnGvDoZtF+mvX2do2NC
tnbyqTsrkfjib9DsFiCQCT7i6HTJGLSR1GJk23+jBvGIGGqQIjy8/hPwhxR79uQf
jtTkUcYRZ0YIUcuGFFQ/vDP+fmyc/xadGL1RjjWmp2bIcmfbIWax1Jt4A8BQOujM
8Ny8nkz+rwWWNR9XWrf/zvk9tyy29lTdyOcSOk2uTIq3XJq0tyA9yn8iNK5+O2hm
AUTnAU5GU5szYPeUvlM3kHND8zLDU+/bqv50TmnHa4xgk97Exwzf4TKuzJM7UXiV
Z4vuPVb+DNBpDxsP8yUmazNt925H+nND5X4OpWaxKXwyhGNVicQNwZNUMBkTrNN9
N6frXTpsNVzbQdcS2qlJC9/YgIoJk2KOtWbPJYjNhLixP6Q5D9kCnusSTJV882sF
qV4Wg8y4Z+LoE53MW4LTTLPtW//e5XOsIzstAL81VXQJSdhJWBp/kjbmUZIO8yZ9
HE0XvMnsQybQv0FfQKlERPSZ51eHnlAfV1SoPv10Yy+xUGUJ5lhCLkMaTLTwJUdZ
+gQek9QmRkpQgbLevni3/GcV4clXhB4PY9bpYrrWX1Uu6lzGKAgEJTm4Diup8kyX
HAc/DVL17e8vgg8CAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTv
A73gJMtUGjAdBgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/
BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1Ud
HwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4
dGVybmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0
dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAJNl9jeD
lQ9ew4IcH9Z35zyKwKoJ8OkLJvHgwmp1ocd5yblSYMgpEg7wrQPWCcR23+WmgZWn
RtqCV6mVksW2jwMibDN3wXsyF24HzloUQToFJBv2FAY7qCUkDrvMKnXduXBBP3zQ
YzYhBx9G/2CkkeFnvN4ffhkUyWNnkepnB2u0j4vAbkN9w6GAbLIevFOFfdyQoaS8
Le9Gclc1Bb+7RrtubTeZtv8jkpHGbkD4jylW6l/VXxRTrPBPYer3IsynVgviuDQf
Jtl7GQVoP7o81DgGotPmjw7jtHFtQELFhLRAlSv0ZaBIefYdgWOWnU914Ph85I6p
0fKtirOMxyHNwu8=
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=belowcost.net
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 5146 bytes and written 333 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 6A5AB5991532763A0B7823EA660E9AFFAFC24159D46980562ADF1124ECEA3344
Session-ID-ctx:
Master-Key: DB9579A988FC178AFFD8168EBB060A9F13A79079D9478051B47FE623C72E78446D3E810BB79FC5CA1717BC0C4BFB4FE9
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 01 79 91 2b 0d 8f 12 56-ac 6b 52 d8 d1 4d 98 05 .y.+...V.kR..M..
0010 - 85 85 77 50 93 44 b7 7c-0d 75 70 c7 37 d8 b6 d3 ..wP.D.|.up.7...
0020 - f3 1e c0 09 fb 67 2b 09-d3 2c c5 c1 50 3b e2 64 .....g+..,..P;.d
0030 - e8 4c 10 f6 5f 4c ae 8d-1a 05 e5 d0 d2 61 e8 5f .L.._L.......a._
0040 - f9 f2 cd d1 5c 6c 05 3c-a9 86 c1 8e b2 d7 ad 0c ....\l.<........
0050 - 4b bc 00 c8 5c 6c c7 ee-d3 1a a4 80 93 a5 3f 42 K...\l........?B
0060 - fe b9 4d 1c b9 73 65 b6-09 1e c6 86 88 71 39 c8 ..M..se......q9.
0070 - d7 08 7d 93 73 4a 5b fc-68 9c 3f 20 d3 19 13 bc ..}.sJ[.h.? ....
0080 - d1 5b fb 32 82 a8 1f 28-31 d6 8e de 2c 48 2a b3 .[.2...(1...,H*.
0090 - 0b 0d d2 70 fc 6f 37 42-25 7b fd f5 a7 1f 61 d0 ...p.o7B%{....a.
00a0 - 5d f2 a9 db db 16 1c f3-84 be 16 97 b6 f6 7c fd ].............|.
00b0 - e0 79 20 64 1d c8 cd b4-ec e3 8f f6 35 29 fe 59 .y d........5).Y
00c0 - 2e ed 58 dd 8a 30 e2 28-e0 66 3b c8 83 7f b2 98 ..X..0.(.f;.....
Start Time: 1591028280
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
DONE