SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
Hostname: | close Doesn't match Common Name or/and SANs |
Expired: | close Yes (expired 240 days ago) |
Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
Trusted: | close The end-entity certificate is self-signed |
Self-Signed: | close Yes, the end-entity certificate is self-signed |
Chain Issues: | close The chain doesn't contain any intermediate certificates |
Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
DNS Information
Resolves To: | 211.249.221.105 |
Reverse IP lookup: | No records found |
Nameserver: | ns1.kakao.com. |
Nameserver: | ns2.kakao.com. |
General Information
Common Name: | Kubernetes Ingress Controller Fake Certificate |
SANs: | DNS:ingress.local Total number of SANs: 1 |
Organization: | Acme Co |
Signature Algorithm: | sha256WithRSAEncryption |
Key Type: | RSA |
Key size: | 2048 bits |
Serial Number: | 790ee4942eaada97622fbc55a75ce7ee |
Not Before: | Aug 03, 2022 00:21:43 GMT |
Not After: | Aug 03, 2023 00:21:43 GMT |
Number of certs: | 1 |
Revocation Status: | This check is not applicable to expired certificates |
OCSP Stapling: | Not Supported |
Server: | Not Provided |
HSTS: | max-age=15724800 |
HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: Kubernetes Ingress Controller Fake Certificate
Decode this certificate for verbose information → launchSubject Common Name | Kubernetes Ingress Controller Fake Certificate |
Subject Organization | Acme Co |
Issuer Common Name | Kubernetes Ingress Controller Fake Certificate |
Issuer Organization | Acme Co |
Not Before: | Aug 03, 2022 00:21:43 GMT |
Not After: | Aug 03, 2023 00:21:43 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 790ee4942eaada97622fbc55a75ce7ee |
SHA1 Fingerprint: | D6:A9:25:72:39:8A:07:C6:04:4A:02:5B:3C:CE:68:F1:86:0C:13:89 |
MD5 Fingerprint: | 32:D5:8D:10:D9:24:F4:58:B2:38:64:B8:51:AC:81:E0 |
OpenSSL Handshake
depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=18:self signed certificate verify return:1 depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=10:certificate has expired notAfter=Aug 3 00:21:43 2023 GMT verify return:1 depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate notAfter=Aug 3 00:21:43 2023 GMT verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate i:O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate -----BEGIN CERTIFICATE----- MIIDbzCCAlegAwIBAgIQeQ7klC6q2pdiL7xVp1zn7jANBgkqhkiG9w0BAQsFADBL MRAwDgYDVQQKEwdBY21lIENvMTcwNQYDVQQDEy5LdWJlcm5ldGVzIEluZ3Jlc3Mg Q29udHJvbGxlciBGYWtlIENlcnRpZmljYXRlMB4XDTIyMDgwMzAwMjE0M1oXDTIz MDgwMzAwMjE0M1owSzEQMA4GA1UEChMHQWNtZSBDbzE3MDUGA1UEAxMuS3ViZXJu ZXRlcyBJbmdyZXNzIENvbnRyb2xsZXIgRmFrZSBDZXJ0aWZpY2F0ZTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMl3vtIJbCpFE8vJoLsDWBFKLu+eorYg zZyEkUIwD2/HBV6U2cYPW1gxH1esia2BVZhgvk+ytWwu6tIwBThEUm22UxHtL5xp NM3ibzLfPmNDfbsZXEg8UiYqAYdJ55Gm7AFp9kCVYat6yitAoHYtuUovtnfbwGtT bA2nnLjm2d26WTiPA91e85QLfzUkrdtr8gHRNvc7zQBG3J4tr9Dr+/zVzF9UNCG/ R4bIYrZO9EpyIy5vLDEhlNmVp3wkO8IwdU9i06vtw+E1DNWXGC4XTglKNOSAKuaX pVeHvBEhoRjD7xYx8Q7xRfBvL9GcxNvSSwqgiQr+z1fTTtiYb83T8XMCAwEAAaNP ME0wDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB /wQCMAAwGAYDVR0RBBEwD4INaW5ncmVzcy5sb2NhbDANBgkqhkiG9w0BAQsFAAOC AQEAt9KFLioMMDyx2WeMn/S8MGoxjU3DwiByT8P64TaxN+VvpLdvhxqbCoJ2Tp4n 5uXJ8RYNFO43jRs/cRDlA2/FP9vkd4bwoexW0RfYyh2oObBU+9U5JxyOBOB925U7 HKB8BmjlKYGcMRU03EG9DuUn9bolxTU28BMLkTE52Pb2nwkuOELSTtt2Ptz4OcLz 6E/rgMpwHzpDYwNGmqfb8pHjGoW85Ma7jjHmBM1lLp/PrhBWKsfW63WJlvJllyPU WEYevJeuORks/rCBeIfMC1qKz5XcqWnCDyXYgqgtccuMPUmqtrQUzTZU52DHEzpl qRB6/VZsQY6l+io3tKltMwb6hA== -----END CERTIFICATE----- --- Server certificate subject=O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate issuer=O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 1365 bytes and written 415 bytes Verification error: certificate has expired --- New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: B908B4D38763D699E063B76C972901CFE0F92753A5B3908D45D73602B194269C Session-ID-ctx: Master-Key: 0298CB5F38BB174A3A55174AC10C14878DCBDEA9BFCF499A34F928EE95F805613FA1AD7E6634ECA7B19D7FAAE01D5A5D PSK identity: None PSK identity hint: None SRP username: None Start Time: 1711718928 Timeout : 7200 (sec) Verify return code: 10 (certificate has expired) Extended master secret: yes --- DONE