SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
Hostname: | close Doesn't match Common Name or/and SANs |
Expired: | done No (141 days till expiration) |
Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
Trusted: | close The end-entity certificate is self-signed |
Self-Signed: | close Yes, the end-entity certificate is self-signed |
Chain Issues: | close The chain doesn't contain any intermediate certificates |
Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
DNS Information
Resolves To: | 20.105.155.184 |
Reverse IP lookup: | No records found |
Nameserver: | a2-65.akam.net. |
Nameserver: | a3-66.akam.net. |
Nameserver: | a1-208.akam.net. |
Nameserver: | a7-67.akam.net. |
Nameserver: | a12-67.akam.net. |
Nameserver: | a18-64.akam.net. |
General Information
Common Name: | Kubernetes Ingress Controller Fake Certificate |
SANs: | DNS:ingress.local Total number of SANs: 1 |
Organization: | Acme Co |
Signature Algorithm: | sha256WithRSAEncryption |
Key Type: | RSA |
Key size: | 2048 bits |
Serial Number: | c381679c26e8e426c02b9e42bb1da7f5 |
Not Before: | Sep 14, 2023 14:21:28 GMT |
Not After: | Sep 13, 2024 14:21:28 GMT |
Number of certs: | 1 |
Revocation Status: | Certificate does not supply CA Issuers information |
OCSP Stapling: | Not Supported |
Server: | Not Provided |
HSTS: | max-age=15724800; includeSubDomains |
HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: Kubernetes Ingress Controller Fake Certificate
Decode this certificate for verbose information → launchSubject Common Name | Kubernetes Ingress Controller Fake Certificate |
Subject Organization | Acme Co |
Issuer Common Name | Kubernetes Ingress Controller Fake Certificate |
Issuer Organization | Acme Co |
Not Before: | Sep 14, 2023 14:21:28 GMT |
Not After: | Sep 13, 2024 14:21:28 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | c381679c26e8e426c02b9e42bb1da7f5 |
SHA1 Fingerprint: | 87:14:8F:FB:54:7C:3C:D4:FA:D3:E1:ED:FF:26:C5:4D:00:82:7F:71 |
MD5 Fingerprint: | 17:8F:85:C1:08:4D:EC:03:CB:3C:B4:B9:4F:6E:E3:F5 |
OpenSSL Handshake
depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=18:self signed certificate verify return:1 depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate i:O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate -----BEGIN CERTIFICATE----- MIIDcDCCAligAwIBAgIRAMOBZ5wm6OQmwCueQrsdp/UwDQYJKoZIhvcNAQELBQAw SzEQMA4GA1UEChMHQWNtZSBDbzE3MDUGA1UEAxMuS3ViZXJuZXRlcyBJbmdyZXNz IENvbnRyb2xsZXIgRmFrZSBDZXJ0aWZpY2F0ZTAeFw0yMzA5MTQxNDIxMjhaFw0y NDA5MTMxNDIxMjhaMEsxEDAOBgNVBAoTB0FjbWUgQ28xNzA1BgNVBAMTLkt1YmVy bmV0ZXMgSW5ncmVzcyBDb250cm9sbGVyIEZha2UgQ2VydGlmaWNhdGUwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmN077wdeh4Hc7oqDT23GnBwCTw/iy YfmYdYmpE9QnDcMZFOWr5FdA2UA94tbxwqsMG9eUyFfnI3zVTE0kV9MAoOyuqIHA D8w86TC3jy5GYfpLkqrK4ErgQFDQkbHYQV0Hqw4fJfKR2g+a0IbaYC1UQkcW79fz j0Hrk7OfTtpKKsaSDztIrVrkG90PD7rEsEK11SvIMl4wwL1arduDxQ17Dcz4qQu6 vnbUu/vQsxeMmPhRg++nGAxJYOE0I4rK81awAgXIVuwQjhQ1MO4gSYsxUoeQytB8 EgWLbaUfSYl1ZZlXzt3r90alL1QVnBDqWXL+DBAqW8qistO91KUt2YTzAgMBAAGj TzBNMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMB Af8EAjAAMBgGA1UdEQQRMA+CDWluZ3Jlc3MubG9jYWwwDQYJKoZIhvcNAQELBQAD ggEBAEfAdkqPhHqDeQ0UlVisE63TfDYoZ2Suh91vwPQkBl/2En+vC2HjpJlZYAVF b8eG9VW1yi2u/uahRdd1mpG4F+1tOF5s5VBKbXeie1zSAi1XJk929hTeHFUaZ7bi 4FwIcxLphUF8q4dwQGEcF7mNwsGex+Ea/cmRVKRpNIK111i0xyD6TelczGhygg3b ONphyqARMJfrsCy+3qOTcAHYlURFMhwP0xT7EcjWTjJ2cO5BEGcKef8GRsYJCpXM qavYuPmzzlVkwY1B5Taj0aepjopQrdcZlJz/qEcNc26X77sMiyAnAMzOQy8ugvs9 KtJRVR86Yv5Ldee3UaatHADtENk= -----END CERTIFICATE----- --- Server certificate subject=O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate issuer=O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 1444 bytes and written 399 bytes Verification error: self signed certificate --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 18 (self signed certificate) --- DONE