SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
Hostname: | done Matches Common Name or/and SAN |
Expired: | done No (56 days till expiration) |
Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
Trusted: | done Yes, we were able to verify the certificate |
Self-Signed: | done No, the end-entity certificate is not self-signed |
Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
Resolves To: | 156.98.79.216 |
Reverse IP lookup: | web2.commissions.leg.state.mn.us. |
Nameserver: | ns2.state.mn.us. |
Nameserver: | ns1.state.mn.us. |
Nameserver: | ns3.state.mn.us. |
General Information
Common Name: | dev.commissions.leg.state.mn.us |
SANs: | DNS:dev.commissions.leg.state.mn.usDNS:dev.gis.lcc.mn.gov Total number of SANs: 2 |
Signature Algorithm: | ecdsa-with-SHA384 |
Key Type: | ECDSA (secp256r1) |
Key size: | 256 bits |
Serial Number: | 33e23940b01cdd9ca62bc69840c1dbf6e0a |
Not Before: | Jun 23, 2024 06:07:23 GMT |
Not After: | Sep 21, 2024 06:07:22 GMT |
Number of certs: | 2 |
Revocation Status: | good |
OCSP Stapling: | Not Supported |
Server: | Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.1.33 |
HSTS: | Not Supported |
HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: dev.commissions.leg.state.mn.us
Decode this certificate for verbose information → launchSubject Common Name | dev.commissions.leg.state.mn.us |
Issuer Common Name | E6 |
Issuer Organization | Let's Encrypt |
Not Before: | Jun 23, 2024 06:07:23 GMT |
Not After: | Sep 21, 2024 06:07:22 GMT |
Signature Algorithm: | ecdsa-with-SHA384 |
Serial Number: | 33e23940b01cdd9ca62bc69840c1dbf6e0a |
SHA1 Fingerprint: | 1F:F9:78:E1:BA:BF:93:25:C3:1E:7B:52:6E:02:5C:5F:49:AD:9B:35 |
MD5 Fingerprint: | A3:0E:EC:33:2C:D6:99:23:DA:37:6F:9F:AD:D4:AA:BF |
Certificate # 2 - Common Name: E6
Decode this certificate for verbose information → launchIn place? | Yes, this certificate directly certifies the preceding one |
Subject Common Name | E6 |
Subject Organization | Let's Encrypt |
Issuer Common Name | ISRG Root X1 |
Issuer Organization | Internet Security Research Group |
Not Before: | Mar 13, 2024 00:00:00 GMT |
Not After: | Mar 12, 2027 23:59:59 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | b0573e9173972770dbb487cb3a452b38 |
SHA1 Fingerprint: | C9:4D:C4:83:1A:90:1A:9F:EC:0F:B4:9B:71:BD:49:B5:AA:D4:FA:D0 |
MD5 Fingerprint: | 26:86:4C:28:A4:DE:37:F5:69:C1:EC:87:A0:EC:CB:27 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = E6 verify return:1 depth=0 CN = dev.commissions.leg.state.mn.us verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = dev.commissions.leg.state.mn.us i:C = US, O = Let's Encrypt, CN = E6 -----BEGIN CERTIFICATE----- MIIDsTCCAzigAwIBAgISAz4jlAsBzdnKYrxphAwdv24KMAoGCCqGSM49BAMDMDIx CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF NjAeFw0yNDA2MjMwNjA3MjNaFw0yNDA5MjEwNjA3MjJaMCoxKDAmBgNVBAMTH2Rl di5jb21taXNzaW9ucy5sZWcuc3RhdGUubW4udXMwWTATBgcqhkjOPQIBBggqhkjO PQMBBwNCAATF20oRLPyNb4Vpei7vYMhGw9KkB6yifUrK6Cj5/4/Uq1I+0ZzGQfZP 7HcwtwjPtGFEfOy4TMefX6EwdCmcLnQWo4ICNDCCAjAwDgYDVR0PAQH/BAQDAgeA MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBQ0uMUbhpbfDjy9QjVpHJNGhVF4hDAfBgNVHSMEGDAWgBSTJ0aYA6lR aI6Y1sRCSNsjv1iU0jBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6 Ly9lNi5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL2U2LmkubGVuY3Iu b3JnLzA+BgNVHREENzA1gh9kZXYuY29tbWlzc2lvbnMubGVnLnN0YXRlLm1uLnVz ghJkZXYuZ2lzLmxjYy5tbi5nb3YwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEDBgor BgEEAdZ5AgQCBIH0BIHxAO8AdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+r OdiEcwAAAZBD68aqAAAEAwBHMEUCIQCjqfh9DHl0C5i6VeIFfjIKtciOot9FFRQ5 KSrNw/pLYAIgV5xEr8Bs6hYqnnpo8tKXI+7qsjxtm9HeXl18auSFyqQAdQDf4Vbr qgWvtZwPhnGNqMAyTq5W2W6n9aVqAdHBO75SXAAAAZBD68dwAAAEAwBGMEQCIFiQ icJ7TKHF0OKs+4EJ7chEvUBWpL73dQVBgtHT5DVUAiBio/VAC1coQnZq4xjQmszW dzyZexQY9b1F8ALo0lQ69jAKBggqhkjOPQQDAwNnADBkAjA1OYMbo/xrxgYacmCb wHcAf3gvF3MXI1idRNNxlgd6C7QTqtXtzbiMj/g5F1Q3fesCMCDxzs5BGBfVRuLb Sily0LDZg2+WKUK/uhq41YoNN8vmg1+w4jMmAGdkU+QrWDX8MA== -----END CERTIFICATE----- 1 s:C = US, O = Let's Encrypt, CN = E6 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 -----BEGIN CERTIFICATE----- MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV 6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7 s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8 ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0 LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+ EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY Ig46v9mFmBvyH04= -----END CERTIFICATE----- --- Server certificate subject=CN = dev.commissions.leg.state.mn.us issuer=C = US, O = Let's Encrypt, CN = E6 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 2393 bytes and written 468 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-ECDSA-AES256-GCM-SHA384 Server public key is 256 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-ECDSA-AES256-GCM-SHA384 Session-ID: 53938BDB23EB2DC03CC55919BB9FAD98BF23F3C6C8B43F93E0119FFEDB47380B Session-ID-ctx: Master-Key: 14D0F21F0E302206AA6E7AD7247181DD1307B2AC28671024AAFBF39711F6A6DC97DC642A2BF4DF1DC727384412C2B3E9 PSK identity: None PSK identity hint: None SRP username: None Start Time: 1722051165 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no --- DONE