SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (48 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| CNAME: | customer.bookfocal.com. |
| Resolves To: | 34.122.67.196 |
| Reverse IP lookup: | 196.67.122.34.bc.googleusercontent.com. |
| Nameserver: | ns-cloud-a4.googledomains.com. |
| Nameserver: | ns-cloud-a3.googledomains.com. |
| Nameserver: | ns-cloud-a1.googledomains.com. |
| Nameserver: | ns-cloud-a2.googledomains.com. |
General Information
| Common Name: | booking.keithreillyphotography.com |
| SANs: | DNS:booking.keithreillyphotography.com Total number of SANs: 1 |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 4096 bits |
| Serial Number: | 478c65511bdcaa8d93d2f35124005fb59de |
| Not Before: | Jun 15, 2024 18:37:58 GMT |
| Not After: | Sep 13, 2024 18:37:57 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Supported |
| Server: | openresty |
| HSTS: | max-age=31556926 |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: booking.keithreillyphotography.com
Decode this certificate for verbose information → launch| Subject Common Name | booking.keithreillyphotography.com |
| Issuer Common Name | R11 |
| Issuer Organization | Let's Encrypt |
| Not Before: | Jun 15, 2024 18:37:58 GMT |
| Not After: | Sep 13, 2024 18:37:57 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 478c65511bdcaa8d93d2f35124005fb59de |
| SHA1 Fingerprint: | 90:17:25:20:A8:E8:C4:9B:37:62:50:B7:B8:5A:66:E0:C9:58:37:55 |
| MD5 Fingerprint: | 01:30:E2:92:D1:8C:5E:F7:94:D7:E3:74:AA:DC:68:60 |
Certificate # 2 - Common Name: R11
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | R11 |
| Subject Organization | Let's Encrypt |
| Issuer Common Name | ISRG Root X1 |
| Issuer Organization | Internet Security Research Group |
| Not Before: | Mar 13, 2024 00:00:00 GMT |
| Not After: | Mar 12, 2027 23:59:59 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 8a7d3e13d62f30ef2386bd29076b34f8 |
| SHA1 Fingerprint: | 69:6D:B3:AF:0D:FF:C1:7E:65:C6:A2:0D:92:5C:5A:7B:D2:4D:EC:7E |
| MD5 Fingerprint: | 2F:AC:04:55:31:47:F4:6A:49:DF:9B:4E:BE:A6:DF:43 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R11
verify return:1
depth=0 CN = booking.keithreillyphotography.com
verify return:1
CONNECTED(00000003)
OCSP response:
======================================
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: C = US, O = Let's Encrypt, CN = R11
Produced At: Jul 27 06:07:00 2024 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: 1A52B9B459E4C33398217E866D4BBD8A3BD667CE
Issuer Key Hash: 08B9113BA5D08518B4EA0FA0AD9F861E8EFC3827
Serial Number: 0478C65511BDCAA8D93D2F35124005FB59DE
Cert Status: good
This Update: Jul 27 06:07:00 2024 GMT
Next Update: Aug 3 06:06:58 2024 GMT
Signature Algorithm: sha256WithRSAEncryption
44:dc:7e:80:fa:6d:ac:7c:34:49:fb:69:ee:f6:57:37:cd:bd:
14:5e:e3:90:f2:54:8b:84:24:1a:50:2c:01:9f:d7:79:90:06:
d1:7c:e3:52:51:58:ff:b8:1a:18:93:ad:a7:bb:bf:65:05:d8:
11:cb:8c:65:e3:22:6a:b0:62:85:eb:2e:68:06:4c:10:49:f3:
d8:04:13:f0:1f:25:19:b9:07:7f:80:ec:dc:f1:46:cc:84:2a:
0c:72:06:aa:23:a9:ff:c2:77:a9:ee:18:39:c4:1f:26:b0:04:
39:5b:9d:06:1f:0c:c7:23:85:c3:83:c8:46:a2:c4:19:e1:a9:
bf:35:d6:5b:17:fa:3e:d0:aa:49:17:fc:8d:3c:f8:d7:b6:08:
66:cb:49:d4:b7:89:1b:cb:f4:ab:e2:b3:a3:f0:20:d5:eb:a1:
0f:ce:98:1d:bb:6f:5f:04:d3:f4:37:3b:3e:0f:16:80:fe:03:
c4:c3:65:18:22:c4:7b:0d:17:a5:54:01:88:db:36:6a:07:6c:
36:b9:b9:ce:9b:77:89:fd:a0:68:10:b9:53:e8:e8:85:78:83:
ef:9d:27:96:35:32:3b:d7:b5:2b:d7:43:46:30:4f:58:3c:21:
0f:28:63:fc:84:60:e9:ef:57:3c:91:e9:fd:52:c8:27:7a:1e:
da:d3:5a:98
======================================
---
Certificate chain
0 s:CN = booking.keithreillyphotography.com
i:C = US, O = Let's Encrypt, CN = R11
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISBHjGVRG9yqjZPS81EkAF+1neMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjQwNjE1MTgzNzU4WhcNMjQwOTEzMTgzNzU3WjAtMSswKQYDVQQD
EyJib29raW5nLmtlaXRocmVpbGx5cGhvdG9ncmFwaHkuY29tMIICIjANBgkqhkiG
9w0BAQEFAAOCAg8AMIICCgKCAgEAvffZcSPhY2dGZWnvG52/BSloSzPi8FyZhqo8
d22bdIlGFHXvuQ87FxUDtE78TClINTzAQX5YE6YV/8IRKaSK+uHC25R+dsxyMLlv
KFjCgEtcH2maj5XoXZ4oQ0jJbOWg/34Ik0tecnf/CPJOI2FO638jqam3uwADU4KK
wJ4DwAuwQoUW442mol9sooQbVleeEB4jH+AnHi84I5fp1X11K7TZ1x+pVpRcN+o8
VHIuBF1ohVbsJ6wppe8/LVv8L6stClltGO4Xe0iyNVYlGUxxcfK5O7/jRYYJ6LL5
s8OUQoz27OWIeh5Weicve0LtFPoHpehdgYXKDZOh2Itql4htqO8kw6EfNTaZbF+O
yibtvVkNsHCbp2W44/pi39yrRdMx49/FSKhJ7isgV9IaneOi2Y7gTnEXPRA0b0VA
MmXty2FwNFkjpb7WLxXKlwRdhx2hsHxKrKgAHZJzhCDL03ugwxL8R2STf3izhF2u
TUtH6QbPeKHdmzlbky/P538KiPHpXWmEIzHFPjitnQHMw8fznKPwhpzCCVp/iJWo
Lr+JqJWPr6YKDc5MH6pm0w2ldwpF9srpF3Nx19t01hG+6IbBDhxsnzXM2a0SuMfu
mQU07/fNumQg8D9KN1ux/vGg0/p7I2EAfDRJcoIbNE1UjTikgwswnhFuYj5ziZDu
HSqpdDsCAwEAAaOCAiUwggIhMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUXeTdqUDQ
W//YbytnuwLQf3EezX8wHwYDVR0jBBgwFoAUxc9GpOr0w8B6bJXELbBeki8m47kw
VwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzABhhZodHRwOi8vcjExLm8ubGVuY3Iu
b3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmkubGVuY3Iub3JnLzAtBgNVHREE
JjAkgiJib29raW5nLmtlaXRocmVpbGx5cGhvdG9ncmFwaHkuY29tMBMGA1UdIAQM
MAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAGZgQcQnw1lIu
MIDSnj9ku4NuKMz5D1KO7t/OSj8WtMoAAAGQHWgWDwAABAMARjBEAiBlio+tPIWm
II12ygxcCfkytrqsqqRZNh6vlTBLi4PpAgIgGYzzl834cXiqqXS4R2U+RCdrTnX4
APjexxZo4rg02VcAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAA
AZAdaBZOAAAEAwBHMEUCIQDdwIn4NDFE643XG2Q2mwDKRILtm1wQhVfw10i4isL/
1wIgcgWDqa2XkuRJ1ZPKMLN967Srfs09n3lLQhzvYLgQq+kwDQYJKoZIhvcNAQEL
BQADggEBAC0vIe3jrM8TEGUsSPxuqCn7DQ7BgxThBDO7SO698ZDIaM4xW4PVLhwt
mKdBKdtBrY7vULf6CSRppExeSzz8ZT7Jwg8tpqzLVDxMs4Bqr9bRL9ghuQXkjIpR
QQ907eThGZE5SkX12j1jv7+6XulZRFSldwVubZZIhEb+C4TKMSIvn1kjgQJAGT89
9EnybONc5uhiqE6mRy2onJ8IaKH8CsFKvVTNQuuV9vgCHWZPXvSifBbepOQsUajn
GRcJfurzv+mkRyNj3RLbcxUCjKBvoyUlBfijQGrNuJ2HmK48AN7vwol0n3zxQuXx
V8NZLcZKdmuO1k0NPf+8/poqUIdUzqg=
-----END CERTIFICATE-----
1 s:C = US, O = Let's Encrypt, CN = R11
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFBjCCAu6gAwIBAgIRAIp9PhPWLzDvI4a9KQdrNPgwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAzMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDEMMAoGA1UEAxMDUjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuoe8XBsAOcvKCs3UZxD5ATylTqVhyybKUvsVAbe5KPUoHu0nsyQYOWcJ
DAjs4DqwO3cOvfPlOVRBDE6uQdaZdN5R2+97/1i9qLcT9t4x1fJyyXJqC4N0lZxG
AGQUmfOx2SLZzaiSqhwmej/+71gFewiVgdtxD4774zEJuwm+UE1fj5F2PVqdnoPy
6cRms+EGZkNIGIBloDcYmpuEMpexsr3E+BUAnSeI++JjF5ZsmydnS8TbKF5pwnnw
SVzgJFDhxLyhBax7QG0AtMJBP6dYuC/FXJuluwme8f7rsIU5/agK70XEeOtlKsLP
Xzze41xNG/cLJyuqC0J3U095ah2H2QIDAQABo4H4MIH1MA4GA1UdDwEB/wQEAwIB
hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB
/wIBADAdBgNVHQ4EFgQUxc9GpOr0w8B6bJXELbBeki8m47kwHwYDVR0jBBgwFoAU
ebRZ5nu25eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAC
hhZodHRwOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcG
A1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcN
AQELBQADggIBAE7iiV0KAxyQOND1H/lxXPjDj7I3iHpvsCUf7b632IYGjukJhM1y
v4Hz/MrPU0jtvfZpQtSlET41yBOykh0FX+ou1Nj4ScOt9ZmWnO8m2OG0JAtIIE38
01S0qcYhyOE2G/93ZCkXufBL713qzXnQv5C/viOykNpKqUgxdKlEC+Hi9i2DcaR1
e9KUwQUZRhy5j/PEdEglKg3l9dtD4tuTm7kZtB8v32oOjzHTYw+7KdzdZiw/sBtn
UfhBPORNuay4pJxmY/WrhSMdzFO2q3Gu3MUBcdo27goYKjL9CTF8j/Zz55yctUoV
aneCWs/ajUX+HypkBTA+c8LGDLnWO2NKq0YD/pnARkAnYGPfUDoHR9gVSp/qRx+Z
WghiDLZsMwhN1zjtSC0uBWiugF3vTNzYIEFfaPG7Ws3jDrAMMYebQ95JQ+HIBD/R
PBuHRTBpqKlyDnkSHDHYPiNX3adPoPAcgdF3H2/W0rmoswMWgTlLn1Wu0mrks7/q
pdWfS6PJ1jty80r2VKsM/Dj3YIDfbjXKdaFU5C+8bhfJGqU3taKauuz0wHVGT3eo
6FlWkWYtbt4pgdamlwVeZEW+LM7qZEJEsMNPrfC03APKmZsJgpWCDWOKZvkZcvjV
uYkQ4omYCTX5ohy+knMjdOmdH9c7SpqEWBDC86fiNex+O0XOMEZSa8DA
-----END CERTIFICATE-----
---
Server certificate
subject=CN = booking.keithreillyphotography.com
issuer=C = US, O = Let's Encrypt, CN = R11
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4182 bytes and written 425 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 4096 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
DONE