SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname:	Matches Common Name or/and SAN
Expired:	Yes (expired 314 days ago)
Public Key:	We were unable to find any issues in the public key of end-entity certificate
Trusted:	Yes, we were able to verify the certificate
Self-Signed:	No, the end-entity certificate is not self-signed
Chain Issues:	No, we were unable to detect any issues in the certificate chain sent by the server
Weak signatures:	No, certificates sent by the server were not signed utilizing a weak hash function

DNS Information

Resolves To:	158.58.181.221
Reverse IP lookup:	nmd-frontvip-01.ig-1.net.
Nameserver:	ns11.gcd-dns.com.
Nameserver:	ns12.gcd-dns.com.

General Information

Common Name:	*.cnet.de
SANs:	DNS:*.cnet.deDNS:cnet.de Total number of SANs: 2
Signature Algorithm:	sha256WithRSAEncryption
Key Type:	RSA
Key size:	2048 bits
Serial Number:	cd8d07e81cc4d62b09219fa1c7d27a07
Not Before:	Jun 16, 2022 00:00:00 GMT
Not After:	Jun 16, 2023 23:59:59 GMT
Number of certs:	2
Revocation Status:	This check is not applicable to expired certificates
OCSP Stapling:	Not Supported
Server:	Not Provided
HSTS:	Not Supported
HPKP:	Not Supported

Chain Information

Certificate # 1 - Common Name: *.cnet.de

Decode this certificate for verbose information →

Subject Common Name	*.cnet.de
Issuer Common Name	Gandi Standard SSL CA 2
Issuer Organization	Gandi
Not Before:	Jun 16, 2022 00:00:00 GMT
Not After:	Jun 16, 2023 23:59:59 GMT
Signature Algorithm:	sha256WithRSAEncryption
Serial Number:	cd8d07e81cc4d62b09219fa1c7d27a07
SHA1 Fingerprint:	A5:38:26:08:50:33:3B:84:26:A8:F1:02:CF:5F:41:22:3E:57:E8:90
MD5 Fingerprint:	7E:38:78:0B:69:03:93:92:96:77:4B:E8:F8:A5:6F:35

Certificate # 2 - Common Name: Gandi Standard SSL CA 2

Decode this certificate for verbose information →

In place?	Yes, this certificate directly certifies the preceding one
Subject Common Name	Gandi Standard SSL CA 2
Subject Organization	Gandi
Issuer Common Name	USERTrust RSA Certification Authority
Issuer Organization	The USERTRUST Network
Not Before:	Sep 12, 2014 00:00:00 GMT
Not After:	Sep 11, 2024 23:59:59 GMT
Signature Algorithm:	sha384WithRSAEncryption
Serial Number:	5e4dc3b9438ab3b8597cba6a19850e3
SHA1 Fingerprint:	24:71:06:A4:05:B2:88:A4:6E:70:A0:26:27:17:16:2D:09:03:E7:34
MD5 Fingerprint:	1A:9A:69:A8:1F:6D:A9:2D:87:F7:69:4E:16:D8:B8:79

OpenSSL Handshake

depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
verify return:1
depth=0 CN = *.cnet.de
verify error:num=10:certificate has expired
notAfter=Jun 16 23:59:59 2023 GMT
verify return:1
depth=0 CN = *.cnet.de
notAfter=Jun 16 23:59:59 2023 GMT
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
 0 s:CN = *.cnet.de
   i:C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgIRAM2NB+gcxNYrCSGfocfSegcwDQYJKoZIhvcNAQELBQAw
XzELMAkGA1UEBhMCRlIxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEO
MAwGA1UEChMFR2FuZGkxIDAeBgNVBAMTF0dhbmRpIFN0YW5kYXJkIFNTTCBDQSAy
MB4XDTIyMDYxNjAwMDAwMFoXDTIzMDYxNjIzNTk1OVowFDESMBAGA1UEAwwJKi5j
bmV0LmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LdrTuW+rpVs
s6inU9n+2niXN4c9OMPq6YEXFpTJgpApLW0us3ldbjsJtbP/RBqYFfaF53zN/qrW
TUV8gCkSBwGkMhLg8cz4SJg5IwGYMiyLwnN4mY5uOiFxx2Uyy1EbBum5Hdp4iPaj
5mvPyqPpgMKiUxT0qjGlHYr7oi+PszAMZf7k0mCfFDE/X0dzoLRRM2rkFe9e7aP/
ZbObMWsnHJwez80MqLXMT7It+CbVeDLjicU2N9G/OhF+6uUE2ar2vuJ6Em3ALJ4w
R8p+gbALuNSfgLRZmwFVS78/TWqXjXfvLKmRxxrmhBWwHR13fsdjOohwhWn5znAb
g/rdV34zkwIDAQABo4IDKDCCAyQwHwYDVR0jBBgwFoAUs5Cn2MmvTs1hPJ98rV1/
Qf1pMOowHQYDVR0OBBYEFCKjGkIdqdxHRN7hkHpCaQJ1seZiMA4GA1UdDwEB/wQE
AwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjBLBgNVHSAERDBCMDYGCysGAQQBsjEBAgIaMCcwJQYIKwYBBQUHAgEWGWh0dHBz
Oi8vY3BzLnVzZXJ0cnVzdC5jb20wCAYGZ4EMAQIBMEEGA1UdHwQ6MDgwNqA0oDKG
MGh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNy
bDBzBggrBgEFBQcBAQRnMGUwPAYIKwYBBQUHMAKGMGh0dHA6Ly9jcnQudXNlcnRy
dXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNydDAlBggrBgEFBQcwAYYZaHR0
cDovL29jc3AudXNlcnRydXN0LmNvbTAdBgNVHREEFjAUggkqLmNuZXQuZGWCB2Nu
ZXQuZGUwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AK33vvp8/xDIi509nB4+
GGq0Zyldz7EMJMqFhjTr3IKKAAABgW2OCs4AAAQDAEcwRQIhANvaLgdHdS29/jwZ
DCTXfWIKrH9/v3jcEUJv5jSvN6T1AiBW51jXuCI4BajlyuXWHuV0Ggp2yznDRTOG
2fQA4RR8BgB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABgW2O
CrUAAAQDAEcwRQIhAO2oWrezol1if8Z+IXBv5uwo6aicW0PoHL7IL15JIpnbAiBG
YSLi3/ioy+YOoNvmTTHgY+vF0/5UTDlmF1f8SYapegB3AOg+0No+9QY1MudXKLyJ
a8kD08vREWvs62nhd31tBr1uAAABgW2OCmoAAAQDAEgwRgIhAN0o6ciiiU186/KE
Q6hKj7nfnlpekzKMjjtOjonzwdyIAiEA2b1Qd/hLxG/EdEZ1ZpYC+COQ4LlGrv7Y
cDgsP2p3BTQwDQYJKoZIhvcNAQELBQADggEBAA53jUYCohFExvCUQgLO0oyFvwHf
MiQuWHZ5QB43qit3Y9qdwDQ1odps96JuaqUV1OEYoqwTmcgqmnIx193jPZC0bXSe
PS/8cWHi00keg+qxnjJkDY7C8wqb7d19U+RKazng2tpAL9XuJCnN67KU5TydUjFJ
quZkzQ0zRjlbINLp66PSabW8YW0fVqgr+Bc28Z1uaxPkQLOpVEbKvqXbXZ2gr/s6
5a3T3MQHHE1afCrEsFMA0wI7nqBg8r6/i5GSsM1F77OOqRAWVZ3xsVT5MCwVdJH+
fszq7ZNkWaf8XfR1RVvcXXmHSYoqbcioN0plpl6VKcjUtFvzcR5A9xeaKKo=
-----END CERTIFICATE-----
 1 s:C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
   i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
-----BEGIN CERTIFICATE-----
MIIF6TCCA9GgAwIBAgIQBeTcO5Q4qzuFl8umoZhQ4zANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQw
OTEyMDAwMDAwWhcNMjQwOTExMjM1OTU5WjBfMQswCQYDVQQGEwJGUjEOMAwGA1UE
CBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4wDAYDVQQKEwVHYW5kaTEgMB4GA1UE
AxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUBC2meZV0/9UAPPWu2JSxKXzAjwsLibmCg5duNyj1ohrP0pIL
m6jTh5RzhBCf3DXLwi2SrCG5yzv8QMHBgyHwv/j2nPqcghDA0I5O5Q1MsJFckLSk
QFEW2uSEEi0FXKEfFxkkUap66uEHG4aNAXLy59SDIzme4OFMH2sio7QQZrDtgpbX
bmq08j+1QvzdirWrui0dOnWbMdw+naxb00ENbLAb9Tr1eeohovj0M1JLJC0epJmx
bUi8uBL+cnB89/sCdfSN3tbawKAyGlLfOGsuRTg/PwSWAP2h9KK71RfWJ3wbWFmV
XooS/ZyrgT5SKEhRhWvzkbKGPym1bgNi7tYFAgMBAAGjggF1MIIBcTAfBgNVHSME
GDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUs5Cn2MmvTs1hPJ98
rV1/Qf1pMOowDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGy
MQECAhowCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl
cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy
bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy
dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ
aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAWGf9
crJq13xhlhl+2UNG0SZ9yFP6ZrBrLafTqlb3OojQO3LJUP33WbKqaPWMcwO7lWUX
zi8c3ZgTopHJ7qFAbjyY1lzzsiI8Le4bpOHeICQW8owRc5E69vrOJAKHypPstLbI
FhfFcvwnQPYT/pOmnVHvPCvYd1ebjGU6NSU2t7WKY28HJ5OxYI2A25bUeo8tqxyI
yW5+1mUfr13KFj8oRtygNeX56eXVlogMT8a3d2dIhCe2H7Bo26y/d7CQuKLJHDJd
ArolQ4FCR7vY4Y8MDEZf7kYzawMUgtN+zY+vkNaOJH1AQrRqahfGlZfh8jjNp+20
J0CT33KpuMZmYzc4ZCIwojvxuch7yPspOqsactIGEk72gtQjbz7Dk+XYtsDe3CMW
1hMwt6CaDixVBgBwAc/qOR2A24j3pSC4W/0xJmmPLQphgzpHphNULB7j7UTKvGof
KA5R2d4On3XNDgOVyvnFqSot/kGkoUeuDcL5OWYzSlvhhChZbH2UF3bkRYKtcCD9
0m9jqNf6oDP6N8v3smWe2lBvP+Sn845dWDKXcCMu5/3EFZucJ48y7RetWIExKREa
m9T8bJUox04FB6b9HbwZ4ui3uRGKLXASUoWNjDNKD/yZkuBjcNqllEdjB+dYxzFf
BT02Vf6Dsuimrdfp5gJ0iHRc2jTbkNJtUQoj1iM=
-----END CERTIFICATE-----
---
Server certificate
subject=CN = *.cnet.de

issuer=C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3662 bytes and written 398 bytes
Verification error: certificate has expired
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 10 (certificate has expired)
---
DONE