SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (207 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | close We were unable to verify this certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| Resolves To: | 213.59.253.7 |
| Reverse IP lookup: | No records found |
| Nameserver: | ns4-l2.nic.ru. |
| Nameserver: | ns8-l2.nic.ru. |
| Nameserver: | ns1.gosuslugi.ru. |
| Nameserver: | ns2.gosuslugi.ru. |
General Information
| Common Name: | *.gosuslugi.ru |
| SANs: | DNS:*.gosuslugi.ruDNS:gosuslugi.ru Total number of SANs: 2 |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 1109c142e3605e9f4a329bc7 |
| Not Before: | Oct 12, 2023 13:37:03 GMT |
| Not After: | Nov 12, 2024 10:41:41 GMT |
| Number of certs: | 3 |
| Revocation Status: | good |
| OCSP Stapling: | Not Supported |
| Server: | nginx |
| HSTS: | max-age=16070400 |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: *.gosuslugi.ru
Decode this certificate for verbose information → launch| Subject Common Name | *.gosuslugi.ru |
| Issuer Common Name | GlobalSign GCC R3 DV TLS CA 2020 |
| Issuer Organization | GlobalSign nv-sa |
| Not Before: | Oct 12, 2023 13:37:03 GMT |
| Not After: | Nov 12, 2024 10:41:41 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 1109c142e3605e9f4a329bc7 |
| SHA1 Fingerprint: | 70:90:52:82:B3:80:51:42:C3:82:50:82:01:B4:CD:D5:C1:2C:CB:CC |
| MD5 Fingerprint: | 11:15:D6:1D:29:97:16:3D:ED:4F:CD:62:32:B9:1E:57 |
Certificate # 2 - Common Name: GlobalSign GCC R3 DV TLS CA 2020
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | GlobalSign GCC R3 DV TLS CA 2020 |
| Subject Organization | GlobalSign nv-sa |
| Issuer Common Name | GlobalSign |
| Issuer Organization | GlobalSign |
| Not Before: | Jul 28, 2020 00:00:00 GMT |
| Not After: | Mar 18, 2029 00:00:00 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 77bd0e0742d5d9e9d049d774d02a6f9a |
| SHA1 Fingerprint: | 1C:61:0A:0A:87:D4:92:F4:83:22:C2:AF:D3:BE:9B:6A:D3:6B:6B:EE |
| MD5 Fingerprint: | A6:E7:E3:48:48:27:FD:C4:E0:C9:16:5B:AA:82:C7:4C |
Certificate # 3 - Common Name: GlobalSign
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | GlobalSign |
| Subject Organization | GlobalSign |
| Issuer Common Name | GlobalSign |
| Issuer Organization | GlobalSign |
| Not Before: | Mar 18, 2009 10:00:00 GMT |
| Not After: | Mar 18, 2029 10:00:00 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 4000000000121585308a2 |
| SHA1 Fingerprint: | D6:9B:56:11:48:F0:1C:77:C5:45:78:C1:09:26:DF:5B:85:69:76:AD |
| MD5 Fingerprint: | C5:DF:B8:49:CA:05:13:55:EE:2D:BA:1A:C3:3E:B0:28 |
OpenSSL Handshake
depth=2 OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
verify error:num=19:self signed certificate in certificate chain
verify return:1
depth=2 OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
verify return:1
depth=0 CN = *.gosuslugi.ru
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
0 s:CN = *.gosuslugi.ru
i:C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
-----BEGIN CERTIFICATE-----
MIIGUjCCBTqgAwIBAgIMEQnBQuNgXp9KMpvHMA0GCSqGSIb3DQEBCwUAMFMxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSkwJwYDVQQDEyBH
bG9iYWxTaWduIEdDQyBSMyBEViBUTFMgQ0EgMjAyMDAeFw0yMzEwMTIxMzM3MDNa
Fw0yNDExMTIxMDQxNDFaMBkxFzAVBgNVBAMMDiouZ29zdXNsdWdpLnJ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxP3G04Ed1BEk9wxgMxFIDHENmNVI
4wX8Mvj9JbfoPaIYScDwBiH7UeD3ZpnnSRPIgy7zY8zWmO9ghlvXEr6/wDUn8gjI
uY8YSGoPwyFKglFOERDXjaXS09OwDF9teY4xru+ckvAHaXaPD9P7MUCNfnpJvfQM
yb33+77ViOme9Z/SVzqKI1klaHKTM1bm7y6iFyoOPA2HQI1gZ0Tg+scZLth0OM00
c5rf/A7DpPdT8Z9/j7vd70nN4GHzZ8OZLks7MFTuCOoXlfOGDTkBWKuvEpzzIaG9
wxSNbK8vzhHuwTCgYMB8ZyjYC+xRecu6wolRrZkS8NCsoL5uJDsiOBXaGQIDAQAB
o4IDXjCCA1owDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwgZMGCCsGAQUF
BwEBBIGGMIGDMEYGCCsGAQUFBzAChjpodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24u
Y29tL2NhY2VydC9nc2djY3IzZHZ0bHNjYTIwMjAuY3J0MDkGCCsGAQUFBzABhi1o
dHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9nc2djY3IzZHZ0bHNjYTIwMjAwVgYD
VR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu
Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMEEGA1UdHwQ6MDgw
NqA0oDKGMGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3NnY2NyM2R2dGxzY2Ey
MDIwLmNybDAnBgNVHREEIDAegg4qLmdvc3VzbHVnaS5ydYIMZ29zdXNsdWdpLnJ1
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBQNmMBz
f6u9vdlHS0mtCkoMrD7HfDAdBgNVHQ4EFgQU4ISg+ZZWPrI3fXnq09ZXVFA0XcYw
ggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB3AEiw42vapkc0D+VqAvqdMOscUgHL
Vt0sgdm7v6s52IRzAAABiyQa6icAAAQDAEgwRgIhAMn+jbWsxi5x2oT38dskr9E1
3IyIsUgbuqPqDLljSBx8AiEAqZQkH4VSRdbRDqAJMyXtRSi9Q212MijQqbd9iEL3
DhoAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYskGutyAAAE
AwBHMEUCIQCN8KHv4DFrIK3pSah12E07NxWsX/hYDfA6GZNB+jbDDgIgRTfjSz0c
IdqM90mBP5wsK+MlfVolbXuBdrGHW/eBbWwAdgDatr9rP7W2Ip+bwrtca+hwkXFs
u1GEhTS9pD0wSNf7qwAAAYskGujNAAAEAwBHMEUCIBzmU2Bds2rUXyafzlz94O2n
4QwPhEtiFi7n5lCJAmR/AiEAnR1qmbwJC+5IMQjbzdWvk7L/R/oXe+K+5df0mER0
PKcwDQYJKoZIhvcNAQELBQADggEBADk3m5rV9evHEZgtNxncN5lEQiaqUFNrS5w9
Oa7uWqzus+/MyaF6xYQ+5vDO5KOkVgTbmYX5LxcJW0VxSbjQn4tGth0ATV5OVujk
c0m6ZvS6KW6/+7rAWcwvOuosZa233nxoob6f7snecVLqH6KuRwdHI2BrD3SRJYjt
ZDJFFFzjQ5CaLRnILrtNEQncQpc0e7Yh0k8qZa/3KJMeAeNrYH9kLsTFTM8U4Np4
ae84SP+H/35vyUZQsZwHD+1TGdWHlc0upkGgBFFVYF8t8uYYa0HCIA+Xi/1Zkp2V
fAFHQ7fgTX6BbFE3GEmayNyXOH3O5EPGp+gMQbPgmK60Q3u6r0k=
-----END CERTIFICATE-----
1 s:C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
i:OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
-----BEGIN CERTIFICATE-----
MIIEsDCCA5igAwIBAgIQd70OB0LV2enQSdd00CpvmjANBgkqhkiG9w0BAQsFADBM
MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y
OTAzMTgwMDAwMDBaMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
IG52LXNhMSkwJwYDVQQDEyBHbG9iYWxTaWduIEdDQyBSMyBEViBUTFMgQ0EgMjAy
MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxnlJV/de+OpwyvCXAJ
IcxPCqkFPh1lttW2oljS3oUqPKq8qX6m7K0OVKaKG3GXi4CJ4fHVUgZYE6HRdjqj
hhnuHY6EBCBegcUFgPG0scB12Wi8BHm9zKjWxo3Y2bwhO8Fvr8R42pW0eINc6OTb
QXC0VWFCMVzpcqgz6X49KMZowAMFV6XqtItcG0cMS//9dOJs4oBlpuqX9INxMTGp
6EASAF9cnlAGy/RXkVS9nOLCCa7pCYV+WgDKLTF+OK2Vxw3RUJ/p8009lQeUARv2
UCcNNPCifYX1xIspvarkdjzLwzOdLahDdQbJON58zN4V+lMj0msg+c0KnywPIRp3
BMkCAwEAAaOCAYUwggGBMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUDZjA
c3+rvb3ZR0tJrQpKDKw+x3wwHwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLd
G7wwewYIKwYBBQUHAQEEbzBtMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcDIuZ2xv
YmFsc2lnbi5jb20vcm9vdHIzMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJlLmds
b2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIzLmNydDA2BgNVHR8ELzAtMCugKaAn
hiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjMuY3JsMEcGA1UdIARA
MD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWdu
LmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAy8j/c550ea86oCkf
r2W+ptTCYe6iVzvo7H0V1vUEADJOWelTv07Obf+YkEatdN1Jg09ctgSNv2h+LMTk
KRZdAXmsE3N5ve+z1Oa9kuiu7284LjeS09zHJQB4DJJJkvtIbjL/ylMK1fbMHhAW
i0O194TWvH3XWZGXZ6ByxTUIv1+kAIql/Mt29PmKraTT5jrzcVzQ5A9jw16yysuR
XRrLODlkS1hyBjsfyTNZrmL1h117IFgntBA5SQNVl9ckedq5r4RSAU85jV8XK5UL
REjRZt2I6M9Po9QL7guFLu4sPFJpwR1sPJvubS2THeo7SxYoNDtdyBHs7euaGcMa
D/fayQ==
-----END CERTIFICATE-----
2 s:OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
i:OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
-----BEGIN CERTIFICATE-----
MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4
MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG
A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8
RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT
gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm
KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd
QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ
XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o
LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU
RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp
jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK
6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX
mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
WD9f
-----END CERTIFICATE-----
---
Server certificate
subject=CN = *.gosuslugi.ru
issuer=C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4208 bytes and written 449 bytes
Verification error: self signed certificate in certificate chain
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 8FA2992433F6DC99168BF43D3B5E27549EAFC2AABE5FD036B778D3FA4B2EB590
Session-ID-ctx:
Master-Key: 984A8FF67957D8FA4030336A6ED464B0B99BC9AF9AC65EDD2EC3A5A28E827AAF0C2A8264DCD7403D0D286ADE37B835C4
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1713509503
Timeout : 7200 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
Extended master secret: yes
---
DONE