SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (75 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| CNAME: | elb1.jellyfin.org. |
| Resolves To: | 68.183.204.194 |
| Reverse IP lookup: | elb1.jellyfin.org. |
| Nameserver: | ns-195-a.gandi.net. |
| Nameserver: | ns-163-b.gandi.net. |
| Nameserver: | ns-65-c.gandi.net. |
General Information
| Common Name: | elb1.jellyfin.org |
| SANs: | DNS:api.jellyfin.orgDNS:apps.jellyfin.orgDNS:demo.jellyfin.orgDNS:docs.jellyfin.orgDNS:elb1.jellyfin.orgDNS:features.jellyfin.orgDNS:forum.jellyfin.orgDNS:forums.jellyfin.orgDNS:kodi.jellyfin.orgDNS:notes.jellyfin.orgDNS:oauth.jellyfin.orgDNS:repo.jellyfin.orgDNS:static.jellyfin.orgDNS:translate.jellyfin.org Total number of SANs: 14 |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 48d58c2ed6baebed7095bcc4691c303703c |
| Not Before: | Jan 06, 2025 05:09:31 GMT |
| Not After: | Apr 06, 2025 05:09:30 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Not Supported |
| Server: | Kestrel |
| HSTS: | max-age=31536000;includeSubDomains;preload |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: elb1.jellyfin.org
Decode this certificate for verbose information → launch| Subject Common Name | elb1.jellyfin.org |
| Issuer Common Name | R11 |
| Issuer Organization | Let's Encrypt |
| Not Before: | Jan 06, 2025 05:09:31 GMT |
| Not After: | Apr 06, 2025 05:09:30 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 48d58c2ed6baebed7095bcc4691c303703c |
| SHA1 Fingerprint: | 2C:83:4C:75:62:B1:55:3E:F4:C5:5B:F8:68:EC:01:4F:5A:CC:44:58 |
| MD5 Fingerprint: | EB:2A:89:47:FA:2B:B6:DD:62:E4:C8:93:4B:21:66:F5 |
Certificate # 2 - Common Name: R11
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | R11 |
| Subject Organization | Let's Encrypt |
| Issuer Common Name | ISRG Root X1 |
| Issuer Organization | Internet Security Research Group |
| Not Before: | Mar 13, 2024 00:00:00 GMT |
| Not After: | Mar 12, 2027 23:59:59 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 8a7d3e13d62f30ef2386bd29076b34f8 |
| SHA1 Fingerprint: | 69:6D:B3:AF:0D:FF:C1:7E:65:C6:A2:0D:92:5C:5A:7B:D2:4D:EC:7E |
| MD5 Fingerprint: | 2F:AC:04:55:31:47:F4:6A:49:DF:9B:4E:BE:A6:DF:43 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R11 verify return:1 depth=0 CN = elb1.jellyfin.org verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = elb1.jellyfin.org i:C = US, O = Let's Encrypt, CN = R11 -----BEGIN CERTIFICATE----- MIIF/jCCBOagAwIBAgISBI1Ywu1rrr7XCVvMRpHDA3A8MA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTEwHhcNMjUwMTA2MDUwOTMxWhcNMjUwNDA2MDUwOTMwWjAcMRowGAYDVQQD ExFlbGIxLmplbGx5ZmluLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALDbAS+T86Ko78aBcAxDtdk6Z5Nj8oh2ao7fHAus87FPIEHyQMO5n63+5uGQ msWsnxWHhs9CCLG5lJ0xLV+dszvWE2kGay3PRbseokHeJ1NgPNLOH3hEQ1DB+08B 7KwiLMmDL+8aCMyXscHqSQ2JbVo4NdHIhJyGiDYtzL0fgw+xNmy+4OY8KjSoc4dS m18ujNkT5AQH2NDbiUpUmQNTGlQsd4NCfCOtthSnHaI/sO5g4ccHML4GgFHh5L22 uId436oq6hSaRExGaVk4+22lRMenj+Mbh76s4TESZeqE+8Q+9oTkh0URmHcdVyMR kfMpz1wrXl9sDuylm1xC23pUbk8CAwEAAaOCAyEwggMdMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd BgNVHQ4EFgQUtzfxVoIl0pSl/DBEEaZhmzsHLo4wHwYDVR0jBBgwFoAUxc9GpOr0 w8B6bJXELbBeki8m47kwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzABhhZodHRw Oi8vcjExLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmkubGVu Y3Iub3JnLzCCASYGA1UdEQSCAR0wggEZghBhcGkuamVsbHlmaW4ub3JnghFhcHBz LmplbGx5ZmluLm9yZ4IRZGVtby5qZWxseWZpbi5vcmeCEWRvY3MuamVsbHlmaW4u b3JnghFlbGIxLmplbGx5ZmluLm9yZ4IVZmVhdHVyZXMuamVsbHlmaW4ub3JnghJm b3J1bS5qZWxseWZpbi5vcmeCE2ZvcnVtcy5qZWxseWZpbi5vcmeCEWtvZGkuamVs bHlmaW4ub3JnghJub3Rlcy5qZWxseWZpbi5vcmeCEm9hdXRoLmplbGx5ZmluLm9y Z4IRcmVwby5qZWxseWZpbi5vcmeCE3N0YXRpYy5qZWxseWZpbi5vcmeCFnRyYW5z bGF0ZS5qZWxseWZpbi5vcmcwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEE AdZ5AgQCBIH1BIHyAPAAdgCi4wrkRe+9rZt+OO1HZ3dT14JbhJTXK14bLMS5UKRH 5wAAAZQ6OjiYAAAEAwBHMEUCIEJAMQnpK/qZFWYJ9HgL5WsA5sVxa+VVcpIpZSn5 Sp6fAiEAhiT7g8na1YZtk6Vno/QItsdE1lfMmC52in7YAupHzrYAdgDgkrP8DB3I 52g2H95huZZNClJ4GYpy1nLEsE2lbW9UBAAAAZQ6OjkvAAAEAwBHMEUCIHEaSu1J dL+/3LgJS1taICDF/NY1aD7L7WJtSuRFpjqxAiEAvFmWGyjvUCmoSoVeRntWYJTD J6azPVpjCHxkYxLZeH0wDQYJKoZIhvcNAQELBQADggEBAAO9R3rWFjIkelAphryS s6ugT3ehGiJjd1ZLB3FiiwvQGjMVLdzmXa9GVHkn6nWMUo8ktS0NOU/qrva3wu7a ii+H3G/NJq2/dC0wVvxJPVCuklrWb/QxOGRw2KOjH1uGTpu2XorgMplAklDy26F+ SzFBn5lccbKkeIms4pO4LPwvgOGLfYp+kolrrNGq74QgVZTwLp6GLpW5QX2hHnzy K+KIPHtm0ZbnX7pbmeuqcfWWpyPz04NWrZ3EE+ZiNamNIU3ltoAClEpLommEDj7T pZZZ1BgZYYzbEjL/1BszZ4rwW65dPMtoc3yyyrdKr3t4f9Gjvz5pq4ELpAmn1/K3 ros= -----END CERTIFICATE----- 1 s:C = US, O = Let's Encrypt, CN = R11 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 -----BEGIN CERTIFICATE----- MIIFBjCCAu6gAwIBAgIRAIp9PhPWLzDvI4a9KQdrNPgwDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw WhcNMjcwMzEyMjM1OTU5WjAzMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDEMMAoGA1UEAxMDUjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAuoe8XBsAOcvKCs3UZxD5ATylTqVhyybKUvsVAbe5KPUoHu0nsyQYOWcJ DAjs4DqwO3cOvfPlOVRBDE6uQdaZdN5R2+97/1i9qLcT9t4x1fJyyXJqC4N0lZxG AGQUmfOx2SLZzaiSqhwmej/+71gFewiVgdtxD4774zEJuwm+UE1fj5F2PVqdnoPy 6cRms+EGZkNIGIBloDcYmpuEMpexsr3E+BUAnSeI++JjF5ZsmydnS8TbKF5pwnnw SVzgJFDhxLyhBax7QG0AtMJBP6dYuC/FXJuluwme8f7rsIU5/agK70XEeOtlKsLP Xzze41xNG/cLJyuqC0J3U095ah2H2QIDAQABo4H4MIH1MA4GA1UdDwEB/wQEAwIB hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB /wIBADAdBgNVHQ4EFgQUxc9GpOr0w8B6bJXELbBeki8m47kwHwYDVR0jBBgwFoAU ebRZ5nu25eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAC hhZodHRwOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcG A1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcN AQELBQADggIBAE7iiV0KAxyQOND1H/lxXPjDj7I3iHpvsCUf7b632IYGjukJhM1y v4Hz/MrPU0jtvfZpQtSlET41yBOykh0FX+ou1Nj4ScOt9ZmWnO8m2OG0JAtIIE38 01S0qcYhyOE2G/93ZCkXufBL713qzXnQv5C/viOykNpKqUgxdKlEC+Hi9i2DcaR1 e9KUwQUZRhy5j/PEdEglKg3l9dtD4tuTm7kZtB8v32oOjzHTYw+7KdzdZiw/sBtn UfhBPORNuay4pJxmY/WrhSMdzFO2q3Gu3MUBcdo27goYKjL9CTF8j/Zz55yctUoV aneCWs/ajUX+HypkBTA+c8LGDLnWO2NKq0YD/pnARkAnYGPfUDoHR9gVSp/qRx+Z WghiDLZsMwhN1zjtSC0uBWiugF3vTNzYIEFfaPG7Ws3jDrAMMYebQ95JQ+HIBD/R PBuHRTBpqKlyDnkSHDHYPiNX3adPoPAcgdF3H2/W0rmoswMWgTlLn1Wu0mrks7/q pdWfS6PJ1jty80r2VKsM/Dj3YIDfbjXKdaFU5C+8bhfJGqU3taKauuz0wHVGT3eo 6FlWkWYtbt4pgdamlwVeZEW+LM7qZEJEsMNPrfC03APKmZsJgpWCDWOKZvkZcvjV uYkQ4omYCTX5ohy+knMjdOmdH9c7SpqEWBDC86fiNex+O0XOMEZSa8DA -----END CERTIFICATE----- --- Server certificate subject=CN = elb1.jellyfin.org issuer=C = US, O = Let's Encrypt, CN = R11 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 3393 bytes and written 408 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- DONE