SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (86 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| Resolves To: | 71.115.165.14 |
| Reverse IP lookup: | pool-71-115-165-14.syrcny.fios.verizon.net. |
| Nameserver: | iris.ns.cloudflare.com. |
| Nameserver: | sam.ns.cloudflare.com. |
General Information
| Common Name: | harry.lu |
| SANs: | DNS:harry.lu Total number of SANs: 1 |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 44b6cc35ac588c33b4677e79129134ff1b3 |
| Not Before: | Apr 20, 2024 12:35:50 GMT |
| Not After: | Jul 19, 2024 12:35:49 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Supported |
| Server: | nginx |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: harry.lu
Decode this certificate for verbose information → launch| Subject Common Name | harry.lu |
| Issuer Common Name | R3 |
| Issuer Organization | Let's Encrypt |
| Not Before: | Apr 20, 2024 12:35:50 GMT |
| Not After: | Jul 19, 2024 12:35:49 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 44b6cc35ac588c33b4677e79129134ff1b3 |
| SHA1 Fingerprint: | 26:00:02:65:72:1A:B8:09:13:65:CE:78:C2:C5:54:2C:14:31:EA:0D |
| MD5 Fingerprint: | 30:95:A1:79:1F:9E:F9:66:38:C5:DB:80:A2:D4:BA:54 |
Certificate # 2 - Common Name: R3
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | R3 |
| Subject Organization | Let's Encrypt |
| Issuer Common Name | ISRG Root X1 |
| Issuer Organization | Internet Security Research Group |
| Not Before: | Sep 04, 2020 00:00:00 GMT |
| Not After: | Sep 15, 2025 16:00:00 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 912b084acf0c18a753f6d62e25a75f5a |
| SHA1 Fingerprint: | A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05 |
| MD5 Fingerprint: | E8:29:E6:5D:7C:43:07:D6:FB:C1:3C:17:9E:03:7A:36 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = harry.lu
verify return:1
CONNECTED(00000003)
OCSP response:
======================================
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: C = US, O = Let's Encrypt, CN = R3
Produced At: Apr 23 06:29:00 2024 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: 48DAC9A0FB2BD32D4FF0DE68D2F567B735F9B3C4
Issuer Key Hash: 142EB317B75856CBAE500940E61FAF9D8B14C2C6
Serial Number: 044B6CC35AC588C33B4677E79129134FF1B3
Cert Status: good
This Update: Apr 23 06:29:00 2024 GMT
Next Update: Apr 30 06:28:58 2024 GMT
Signature Algorithm: sha256WithRSAEncryption
6a:c0:da:76:22:dd:90:89:68:db:2e:a7:47:99:d0:2d:44:19:
6c:69:b9:3c:59:eb:2a:9f:df:c3:d9:cb:8f:b4:86:30:79:22:
80:b3:24:e4:44:4a:4a:12:63:59:58:a6:30:95:4e:a6:ea:8a:
1c:d6:8c:50:86:5d:d6:e7:9e:1c:5d:e8:5a:c6:83:8d:30:2b:
df:b3:ad:2f:4e:fa:94:59:79:4a:45:6a:1b:4d:76:d9:fe:e6:
52:3a:29:1a:da:4a:59:c9:94:fa:74:fc:11:2b:e6:54:f6:18:
ec:72:99:51:62:24:5c:d9:b9:66:19:54:91:5c:19:d3:ed:ae:
0c:46:16:8d:d1:11:f4:23:14:2e:47:41:d5:eb:96:df:d2:16:
9f:ec:4e:ba:9e:6c:e4:ee:33:0e:b8:2c:a4:f1:e4:ce:e0:e0:
72:52:d4:f1:40:97:fd:02:ab:4b:f5:c1:be:80:11:d6:fa:f7:
54:d5:44:c9:6a:77:74:b3:a5:72:7d:2e:9c:f5:6c:63:ff:e6:
1a:6c:bb:3b:94:32:0f:f8:c3:ac:53:f8:55:9a:a1:9e:d2:d2:
a8:cf:39:ea:3e:24:dd:54:3e:1d:75:49:b6:e5:f2:11:e7:ee:
3c:c8:db:6c:76:78:ed:29:3b:f4:bd:22:99:7e:96:a1:aa:85:
ad:c2:53:53
======================================
---
Certificate chain
0 s:CN = harry.lu
i:C = US, O = Let's Encrypt, CN = R3
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgISBEtsw1rFiMM7RnfnkSkTT/GzMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MjAxMjM1NTBaFw0yNDA3MTkxMjM1NDlaMBMxETAPBgNVBAMT
CGhhcnJ5Lmx1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnliLP3nn
6qgEEzHG82qHIu2o7EtAYZlFvF/WMSQc7qEZWmtssQ0Ve2zZdUvVSwrBj8pkSvxm
5X1Fv+XKxD6cqh0SPGwqvI54kuJOA7HaACAfgsfWofgj+mQ+rr0RwDf4MqsQ9vrV
1WF5zu0Y+bHyRsd063HROISoAEE+pkMsabIf/FPDf8rwQO0YW4zjw+zoYQVviszh
q3mSmMO9quyuny1cPOOrlH+M6Q+oE33vvSt4jixq7+DsV6NJxaFahm6VWYDAmR4P
P3jY5LrIFrWx146oDhg3eBXnQ25ZtpAQHUcMHimhgQXA0W9KxgVbvhYQQTA1BdXy
5oZuyAdzSq+/iQIDAQABo4ICCjCCAgYwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQc
4wYbK9FcQlzekHuCQZVXkOuJSTAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+d
ixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxl
bmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzATBgNV
HREEDDAKgghoYXJyeS5sdTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB
1nkCBAIEgfUEgfIA8AB1ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQX
AAABjvu4aqYAAAQDAEYwRAIgYD/j2BJjaGMqP1GQjImwlUrpHl32lfkGurPDgP1X
A80CIH+TQbqK76p/X4l1YlfPQKeWGL9IiUpWqdkIDvZ+g6lAAHcA3+FW66oFr7Wc
D4ZxjajAMk6uVtlup/WlagHRwTu+UlwAAAGO+7hrZgAABAMASDBGAiEAq9UgpXNJ
uEZ/fUcQESf6lmTtwmUF7fVPkESsfDPARcECIQCvwxQHd91OZH160XyX1KRcJb85
SVfaYJuDQ4kF/yan7TANBgkqhkiG9w0BAQsFAAOCAQEAuPoR7U3e2LK8Y0i5vX37
RLIevIAVL5EcDh/kDQSw+ythA7LP3jJaEt3bLCGhfBj8GClEYqSQQzfbnHlYC7r1
vJYmYUPXU/CtvRfYc3K0O2rpMhnIMWqBC5dBkDczFiXZa/g4Ttk2jCVH2R+REz7P
mwsl1XQTkMQXjWoYMznhUHi6tjhjl4mduDOSJR8afg+nFc5DXK3pM7kVR64vsgNd
46zaFv+guGIOIoFcV0p5TqyCi8KNaFT0ESvmYBlKotj1L0RSycIy66+Hjx+yCwMV
uSLLt+Ig5xZeHdPEauDe7PBnGLU/VyHcRilcLXkBlaVtOvoeiiCs2t9X8m3v9sEm
Sw==
-----END CERTIFICATE-----
1 s:C = US, O = Let's Encrypt, CN = R3
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
---
Server certificate
subject=CN = harry.lu
issuer=C = US, O = Let's Encrypt, CN = R3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3552 bytes and written 404 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-CHACHA20-POLY1305
Session-ID: 5C9883662F51FA9AC8EEBC4193070279A604D29FFD670867A8D997C8B32E3503
Session-ID-ctx:
Master-Key: 23D8CA247488B3ABA354DB4A43E3E3B9DC48FF77A673A4DC60A12A2564CF15EC1E64B3376F218ED7E504B409A3FF6176
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1713912717
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
DONE