Namecheap.com
SSL Checker SSL & CSR Decoder CSR Generator SSL Converter

SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname: Matches Common Name or/and SAN
Expired: No (43 days till expiration)
Public Key: We were unable to find any issues in the public key of end-entity certificate
Trusted: Yes, we were able to verify the certificate
Self-Signed: No, the end-entity certificate is not self-signed
Chain Issues: No, we were unable to detect any issues in the certificate chain sent by the server
Weak signatures: No, certificates sent by the server were not signed utilizing a weak hash function
OCSP Status: OCSP Responder returned "good" status for the end-entity certificate

DNS Information

Resolves To: 193.99.144.80
Reverse IP lookup: redirector.heise.de.
Nameserver: ns2.pop-hannover.net.
Nameserver: ns.s.plusline.de.
Nameserver: ns.pop-hannover.de.
Nameserver: ns.heise.de.
Nameserver: ns.plusline.de.

General Information

Common Name: heise.de
SANs: DNS:heise.de Total number of SANs: 1
Signature Algorithm: sha256WithRSAEncryption
Key Type: RSA
Key size: 2048 bits
Serial Number: 32dd860cc75ec2c7fe14eb70d27e2ace398
Not Before: Mar 11, 2024 17:52:11 GMT
Not After: Jun 09, 2024 17:52:10 GMT
Number of certs: 2
Revocation Status: good
OCSP Stapling: Not Supported
Server: nginx
HSTS: max-age=604800
HPKP: Not Supported

Chain Information

Certificate # 1 - Common Name: heise.de

Decode this certificate for verbose information →
Subject Common Name heise.de
Issuer Common Name R3
Issuer Organization Let's Encrypt
Not Before: Mar 11, 2024 17:52:11 GMT
Not After: Jun 09, 2024 17:52:10 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 32dd860cc75ec2c7fe14eb70d27e2ace398
SHA1 Fingerprint: B4:56:B7:8E:E4:06:B8:DC:77:1A:9E:EB:24:1B:B0:73:BA:79:E8:EC
MD5 Fingerprint: 1B:46:14:E1:AF:90:F9:88:E3:65:AC:D4:F4:08:E6:ED

Certificate # 2 - Common Name: R3

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name R3
Subject Organization Let's Encrypt
Issuer Common Name ISRG Root X1
Issuer Organization Internet Security Research Group
Not Before: Sep 04, 2020 00:00:00 GMT
Not After: Sep 15, 2025 16:00:00 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 912b084acf0c18a753f6d62e25a75f5a
SHA1 Fingerprint: A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05
MD5 Fingerprint: E8:29:E6:5D:7C:43:07:D6:FB:C1:3C:17:9E:03:7A:36

OpenSSL Handshake

depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = heise.de
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
 0 s:CN = heise.de
   i:C = US, O = Let's Encrypt, CN = R3
-----BEGIN CERTIFICATE-----
MIIE3jCCA8agAwIBAgISAy3YYMx17Cx/4U63DSfirOOYMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMTExNzUyMTFaFw0yNDA2MDkxNzUyMTBaMBMxETAPBgNVBAMT
CGhlaXNlLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx38UBwLx
iEieo5/CdRpW3LHBkQRCjznBeu2qsaoQJ2cq23zGx2DLCFKhyMzZxKZT7fjjtPfm
VkEYwKjFqk3qVUcFDXGAVXO8r3cNxyFa7o3riAfxwTicWhq34jVOXWF8GH0MVo91
snHJeJ8h8TogpAuUebmQK4lL4eKwTRdohfnVVrP8CAq/qbhXDYA3NI/zSUHc39zC
G04i8tuG0MUUBCuCTR3aTg6wruEQobLPoCYRfsbnDyw7cx5ufw/tzr5AlkE0sQWs
+1ZfkbWqxmNv0llWoGfLICPuXipLcTp0Qakc/mD6y5z0Ji2l2sWQ1rwJxE7eQvSz
k06REgXUVXMYYwIDAQABo4ICCzCCAgcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT0
6VDZeBcA+ROo45E12ZqBEAFcMzAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+d
ixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxl
bmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzATBgNV
HREEDDAKgghoZWlzZS5kZTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB
1nkCBAIEgfYEgfMA8QB3ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQX
AAABji7bqPIAAAQDAEgwRgIhAJkzl7gRgXYHyYoemUscIMjhwLTxXV7E8tgckPZj
FBszAiEA5dWSTTOOtdFjn/5PRwDUuR2M0wNJC1l5a6shexA1hrIAdgCi4r/WHt4v
Lweg1k5tN6fcZUOwxrUuotq3iviabfUX2AAAAY4u26kqAAAEAwBHMEUCIC7JJtqT
/WTgf49KIWOlpgHrzD3nwoXI1rwCcawygPkSAiEA5lPoUqSsegJ47fhdq7n7rdxi
my4AgZxCNseXotecATswDQYJKoZIhvcNAQELBQADggEBAEFQuJB2y+r1NJIUDLIZ
ZCubhevWXofZ8KE1Augi+ZNInus6iStkgWCqsEOGIRiJkCEUnL6BSLoDfc3km+ZD
jhoLNW1lgNFhivFq7DbMbo5F5dzFzTfQ1S/scIn3R6odJk5HuvmMQb4VeHYXy6wI
aWGZ/PLABtMsfkBfIy18WQ6fiQiX6oNW44HEvcL5xH/rYy1gjN+HR7Eo+jCOlG/w
doPBjPzHvLk0qE0AEvTc7jOgKRUMq+aXmzVyHjSPHhFIs5ZnUU5lR72QsO/GjsIQ
6XjPn+2AFTRwXZS0tcJYyTnPi0JfDjmSmw95nHjY6EFUlV/nXfz4lBQfxJVz1sQ0
2Sc=
-----END CERTIFICATE-----
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
---
Server certificate
subject=CN = heise.de

issuer=C = US, O = Let's Encrypt, CN = R3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3220 bytes and written 412 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: EF201EB4C00BD2C7BD7836C54353CA85094F31D3CCE62B4EA41ED84190BD7247
    Session-ID-ctx: 
    Master-Key: EA668D8DD074CAC11D0466565A9A0E9B8EA6769EFF0CE345A5B73E4D91CF495850DE5C50BF5B9004D86FEA414D50D50C
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - f4 4e 87 43 dc 1e 5d 44-ba f1 5e f3 3f 88 b0 52   .N.C..]D..^.?..R
    0010 - 12 2d e0 c9 c7 35 7b d3-26 8c b1 2b e4 7c 8f 02   .-...5{.&..+.|..
    0020 - 45 4b c4 50 30 0e aa 0c-81 16 9d de 9d 4b 3e 5c   EK.P0........K>\
    0030 - cb 70 8e 08 45 70 80 2c-3a fb e1 fd fa cf 1f 55   .p..Ep.,:......U
    0040 - 6b 1e 39 f3 6c 96 f9 d6-22 72 72 09 6e f4 d2 89   k.9.l..."rr.n...
    0050 - f3 8f 8d ad 75 8a 43 fa-59 85 53 bd 08 8a fa 85   ....u.C.Y.S.....
    0060 - 16 22 1b 61 79 08 ac 58-9f 77 ac 05 82 04 02 a3   .".ay..X.w......
    0070 - e5 59 fc 00 a3 77 b6 5c-ab 05 fd 51 b0 57 db a1   .Y...w.\...Q.W..
    0080 - 72 66 37 63 45 0e d4 65-77 4e 36 e8 96 a8 66 50   rf7cE..ewN6...fP
    0090 - 02 bc 4d 47 0e 89 13 6d-c2 05 91 e1 b7 bd f7 cf   ..MG...m........
    00a0 - 42 e2 18 6b e3 61 49 1b-55 8f b2 f0 e4 1b ea 4d   B..k.aI.U......M
    00b0 - 79 03 e4 02 14 3d 3d fe-3a 3c 2f b4 9c 15 29 4f   y....==.:</...)O

    Start Time: 1714171449
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
DONE