SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
Hostname: | done Matches Common Name or/and SAN |
Expired: | done No (42 days till expiration) |
Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
Trusted: | done Yes, we were able to verify the certificate |
Self-Signed: | done No, the end-entity certificate is not self-signed |
Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
Resolves To: | 156.98.79.216 |
Reverse IP lookup: | web2.commissions.leg.state.mn.us. |
Nameserver: | ns1.state.mn.us. |
Nameserver: | ns3.state.mn.us. |
Nameserver: | ns2.state.mn.us. |
General Information
Common Name: | dev.commissions.leg.state.mn.us |
SANs: | DNS:dev.commissions.leg.state.mn.usDNS:dev.gis.lcc.mn.gov Total number of SANs: 2 |
Signature Algorithm: | ecdsa-with-SHA384 |
Key Type: | ECDSA (secp256r1) |
Key size: | 256 bits |
Serial Number: | 3c4b62abadf241caa768b190cbb8e237b65 |
Not Before: | Oct 21, 2024 06:02:17 GMT |
Not After: | Jan 19, 2025 06:02:16 GMT |
Number of certs: | 2 |
Revocation Status: | good |
OCSP Stapling: | Not Supported |
Server: | Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.1.33 |
HSTS: | Not Supported |
HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: dev.commissions.leg.state.mn.us
Decode this certificate for verbose information → launchSubject Common Name | dev.commissions.leg.state.mn.us |
Issuer Common Name | E6 |
Issuer Organization | Let's Encrypt |
Not Before: | Oct 21, 2024 06:02:17 GMT |
Not After: | Jan 19, 2025 06:02:16 GMT |
Signature Algorithm: | ecdsa-with-SHA384 |
Serial Number: | 3c4b62abadf241caa768b190cbb8e237b65 |
SHA1 Fingerprint: | 4D:34:9C:BD:78:20:82:8A:24:FB:0D:A7:1D:B9:D4:1E:AC:BD:F7:02 |
MD5 Fingerprint: | E4:E6:68:C5:E9:64:69:21:06:26:32:C3:09:06:00:EF |
Certificate # 2 - Common Name: E6
Decode this certificate for verbose information → launchIn place? | Yes, this certificate directly certifies the preceding one |
Subject Common Name | E6 |
Subject Organization | Let's Encrypt |
Issuer Common Name | ISRG Root X1 |
Issuer Organization | Internet Security Research Group |
Not Before: | Mar 13, 2024 00:00:00 GMT |
Not After: | Mar 12, 2027 23:59:59 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | b0573e9173972770dbb487cb3a452b38 |
SHA1 Fingerprint: | C9:4D:C4:83:1A:90:1A:9F:EC:0F:B4:9B:71:BD:49:B5:AA:D4:FA:D0 |
MD5 Fingerprint: | 26:86:4C:28:A4:DE:37:F5:69:C1:EC:87:A0:EC:CB:27 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = E6 verify return:1 depth=0 CN = dev.commissions.leg.state.mn.us verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = dev.commissions.leg.state.mn.us i:C = US, O = Let's Encrypt, CN = E6 -----BEGIN CERTIFICATE----- MIIDtDCCAzqgAwIBAgISA8S2KrrfJByqdosZDLuOI3tlMAoGCCqGSM49BAMDMDIx CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF NjAeFw0yNDEwMjEwNjAyMTdaFw0yNTAxMTkwNjAyMTZaMCoxKDAmBgNVBAMTH2Rl di5jb21taXNzaW9ucy5sZWcuc3RhdGUubW4udXMwWTATBgcqhkjOPQIBBggqhkjO PQMBBwNCAAQWP5YKK4C4R9safRDNu7fx+zz4XM+4GPGuB4Wh7Ex/X+YkR9a1ozU6 /pZ+adUFMOELUFfZvMr4PC1FbnlrSrVlo4ICNjCCAjIwDgYDVR0PAQH/BAQDAgeA MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBTE978AG91X2GyaF3P73R9YZibPODAfBgNVHSMEGDAWgBSTJ0aYA6lR aI6Y1sRCSNsjv1iU0jBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6 Ly9lNi5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL2U2LmkubGVuY3Iu b3JnLzA+BgNVHREENzA1gh9kZXYuY29tbWlzc2lvbnMubGVnLnN0YXRlLm1uLnVz ghJkZXYuZ2lzLmxjYy5tbi5nb3YwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgor BgEEAdZ5AgQCBIH2BIHzAPEAdgCi4wrkRe+9rZt+OO1HZ3dT14JbhJTXK14bLMS5 UKRH5wAAAZKt4NxjAAAEAwBHMEUCIC4sZr5HdTr9ODEvVY5dP+Qfn0WuxDlJ3CRt oLdqrrnoAiEAobBUD01x9o8mS7V63WYCE/gZWlzAfT2XwhhO45ADCEYAdwB9WR4S 4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAZKt4NyLAAAEAwBIMEYCIQDC oK3FhmySU4Y7paKQ9jBoWDa9EIJXXEhQVUVv4h/a1gIhAPE9iwOq3CaJx/DnWWMA x7/CJgqZMiLDITxt7pG14gYIMAoGCCqGSM49BAMDA2gAMGUCMQC/9gkPgt88Z7xN /GEZH0zWwRL1+JUV9MR4tnIajbN8h0BoLXmGa+CHrWtj5G11c8kCMB9yfFlXqlZg bdxtGaFbpGmdusa9A2Esdu6c+m51f4Tb9wbW5gnmPhZNsgmD1ZsXyg== -----END CERTIFICATE----- 1 s:C = US, O = Let's Encrypt, CN = E6 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 -----BEGIN CERTIFICATE----- MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV 6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7 s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8 ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0 LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+ EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY Ig46v9mFmBvyH04= -----END CERTIFICATE----- --- Server certificate subject=CN = dev.commissions.leg.state.mn.us issuer=C = US, O = Let's Encrypt, CN = E6 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 2395 bytes and written 468 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-ECDSA-AES256-GCM-SHA384 Server public key is 256 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-ECDSA-AES256-GCM-SHA384 Session-ID: 8A5AD6D7E11D936F6DDC9F5AC2657BC28B5DDE3A216447245E5C67500B9BAD64 Session-ID-ctx: Master-Key: 725C1BF72184C9A7635CFFB37887885D9E545C6085F42674619AE398BBA1448A06CD26AC064C7BF46C749E67EF63A485 PSK identity: None PSK identity hint: None SRP username: None Start Time: 1733596542 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no --- DONE