SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (56 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| Resolves To: | 156.98.79.216 |
| Reverse IP lookup: | web2.commissions.leg.state.mn.us. |
| Nameserver: | ns2.state.mn.us. |
| Nameserver: | ns1.state.mn.us. |
| Nameserver: | ns3.state.mn.us. |
General Information
| Common Name: | dev.commissions.leg.state.mn.us |
| SANs: | DNS:dev.commissions.leg.state.mn.usDNS:dev.gis.lcc.mn.gov Total number of SANs: 2 |
| Signature Algorithm: | ecdsa-with-SHA384 |
| Key Type: | ECDSA (secp256r1) |
| Key size: | 256 bits |
| Serial Number: | 33e23940b01cdd9ca62bc69840c1dbf6e0a |
| Not Before: | Jun 23, 2024 06:07:23 GMT |
| Not After: | Sep 21, 2024 06:07:22 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Not Supported |
| Server: | Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.1.33 |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: dev.commissions.leg.state.mn.us
Decode this certificate for verbose information → launch| Subject Common Name | dev.commissions.leg.state.mn.us |
| Issuer Common Name | E6 |
| Issuer Organization | Let's Encrypt |
| Not Before: | Jun 23, 2024 06:07:23 GMT |
| Not After: | Sep 21, 2024 06:07:22 GMT |
| Signature Algorithm: | ecdsa-with-SHA384 |
| Serial Number: | 33e23940b01cdd9ca62bc69840c1dbf6e0a |
| SHA1 Fingerprint: | 1F:F9:78:E1:BA:BF:93:25:C3:1E:7B:52:6E:02:5C:5F:49:AD:9B:35 |
| MD5 Fingerprint: | A3:0E:EC:33:2C:D6:99:23:DA:37:6F:9F:AD:D4:AA:BF |
Certificate # 2 - Common Name: E6
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | E6 |
| Subject Organization | Let's Encrypt |
| Issuer Common Name | ISRG Root X1 |
| Issuer Organization | Internet Security Research Group |
| Not Before: | Mar 13, 2024 00:00:00 GMT |
| Not After: | Mar 12, 2027 23:59:59 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | b0573e9173972770dbb487cb3a452b38 |
| SHA1 Fingerprint: | C9:4D:C4:83:1A:90:1A:9F:EC:0F:B4:9B:71:BD:49:B5:AA:D4:FA:D0 |
| MD5 Fingerprint: | 26:86:4C:28:A4:DE:37:F5:69:C1:EC:87:A0:EC:CB:27 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = E6
verify return:1
depth=0 CN = dev.commissions.leg.state.mn.us
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
0 s:CN = dev.commissions.leg.state.mn.us
i:C = US, O = Let's Encrypt, CN = E6
-----BEGIN CERTIFICATE-----
MIIDsTCCAzigAwIBAgISAz4jlAsBzdnKYrxphAwdv24KMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NjAeFw0yNDA2MjMwNjA3MjNaFw0yNDA5MjEwNjA3MjJaMCoxKDAmBgNVBAMTH2Rl
di5jb21taXNzaW9ucy5sZWcuc3RhdGUubW4udXMwWTATBgcqhkjOPQIBBggqhkjO
PQMBBwNCAATF20oRLPyNb4Vpei7vYMhGw9KkB6yifUrK6Cj5/4/Uq1I+0ZzGQfZP
7HcwtwjPtGFEfOy4TMefX6EwdCmcLnQWo4ICNDCCAjAwDgYDVR0PAQH/BAQDAgeA
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G
A1UdDgQWBBQ0uMUbhpbfDjy9QjVpHJNGhVF4hDAfBgNVHSMEGDAWgBSTJ0aYA6lR
aI6Y1sRCSNsjv1iU0jBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6
Ly9lNi5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL2U2LmkubGVuY3Iu
b3JnLzA+BgNVHREENzA1gh9kZXYuY29tbWlzc2lvbnMubGVnLnN0YXRlLm1uLnVz
ghJkZXYuZ2lzLmxjYy5tbi5nb3YwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEDBgor
BgEEAdZ5AgQCBIH0BIHxAO8AdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+r
OdiEcwAAAZBD68aqAAAEAwBHMEUCIQCjqfh9DHl0C5i6VeIFfjIKtciOot9FFRQ5
KSrNw/pLYAIgV5xEr8Bs6hYqnnpo8tKXI+7qsjxtm9HeXl18auSFyqQAdQDf4Vbr
qgWvtZwPhnGNqMAyTq5W2W6n9aVqAdHBO75SXAAAAZBD68dwAAAEAwBGMEQCIFiQ
icJ7TKHF0OKs+4EJ7chEvUBWpL73dQVBgtHT5DVUAiBio/VAC1coQnZq4xjQmszW
dzyZexQY9b1F8ALo0lQ69jAKBggqhkjOPQQDAwNnADBkAjA1OYMbo/xrxgYacmCb
wHcAf3gvF3MXI1idRNNxlgd6C7QTqtXtzbiMj/g5F1Q3fesCMCDxzs5BGBfVRuLb
Sily0LDZg2+WKUK/uhq41YoNN8vmg1+w4jMmAGdkU+QrWDX8MA==
-----END CERTIFICATE-----
1 s:C = US, O = Let's Encrypt, CN = E6
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
Ig46v9mFmBvyH04=
-----END CERTIFICATE-----
---
Server certificate
subject=CN = dev.commissions.leg.state.mn.us
issuer=C = US, O = Let's Encrypt, CN = E6
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 2393 bytes and written 468 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-ECDSA-AES256-GCM-SHA384
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES256-GCM-SHA384
Session-ID: 53938BDB23EB2DC03CC55919BB9FAD98BF23F3C6C8B43F93E0119FFEDB47380B
Session-ID-ctx:
Master-Key: 14D0F21F0E302206AA6E7AD7247181DD1307B2AC28671024AAFBF39711F6A6DC97DC642A2BF4DF1DC727384412C2B3E9
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1722051165
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
DONE