SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (83 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| Resolves To: | 84.45.203.209 |
| Reverse IP lookup: | 84-45-203-209.static.enta.net. |
| Nameserver: | ns4.freeola.net. |
| Nameserver: | ns3.freeola.net. |
General Information
| Common Name: | mail.nova-security.co.uk |
| SANs: | DNS:mail.nova-security.co.uk Total number of SANs: 1 |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 31cfc1c55f365418372e0435ac09578b6c0 |
| Not Before: | Jul 20, 2024 22:00:48 GMT |
| Not After: | Oct 18, 2024 22:00:47 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Supported |
| Server: | Not Provided |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: mail.nova-security.co.uk
Decode this certificate for verbose information → launch| Subject Common Name | mail.nova-security.co.uk |
| Issuer Common Name | R11 |
| Issuer Organization | Let's Encrypt |
| Not Before: | Jul 20, 2024 22:00:48 GMT |
| Not After: | Oct 18, 2024 22:00:47 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 31cfc1c55f365418372e0435ac09578b6c0 |
| SHA1 Fingerprint: | F6:CA:31:9C:8E:75:FC:C1:F7:97:62:2D:4F:E4:D9:A1:27:DB:26:58 |
| MD5 Fingerprint: | 47:AF:A0:BE:10:5E:4C:8D:90:A6:F7:C7:C3:CA:CA:FF |
Certificate # 2 - Common Name: R11
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | R11 |
| Subject Organization | Let's Encrypt |
| Issuer Common Name | ISRG Root X1 |
| Issuer Organization | Internet Security Research Group |
| Not Before: | Mar 13, 2024 00:00:00 GMT |
| Not After: | Mar 12, 2027 23:59:59 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 8a7d3e13d62f30ef2386bd29076b34f8 |
| SHA1 Fingerprint: | 69:6D:B3:AF:0D:FF:C1:7E:65:C6:A2:0D:92:5C:5A:7B:D2:4D:EC:7E |
| MD5 Fingerprint: | 2F:AC:04:55:31:47:F4:6A:49:DF:9B:4E:BE:A6:DF:43 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R11
verify return:1
depth=0 CN = mail.nova-security.co.uk
verify return:1
CONNECTED(00000003)
OCSP response:
======================================
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: C = US, O = Let's Encrypt, CN = R11
Produced At: Jul 20 23:11:00 2024 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: 1A52B9B459E4C33398217E866D4BBD8A3BD667CE
Issuer Key Hash: 08B9113BA5D08518B4EA0FA0AD9F861E8EFC3827
Serial Number: 031CFC1C55F365418372E0435AC09578B6C0
Cert Status: good
This Update: Jul 20 23:11:00 2024 GMT
Next Update: Jul 27 23:10:58 2024 GMT
Signature Algorithm: sha256WithRSAEncryption
54:b4:98:3d:9d:e6:76:0b:a5:85:cf:8c:40:e4:5e:e3:0f:11:
ec:17:f6:b0:73:a0:5d:1d:80:23:42:4d:c7:42:3a:68:a8:2a:
fc:70:db:02:8e:3c:86:81:1f:a1:08:77:f3:5d:f4:58:4f:37:
0a:43:6c:04:05:9f:9c:50:24:3b:c0:d7:90:07:9d:62:32:87:
b3:8d:ba:24:fe:e9:d2:30:59:24:f0:4d:56:4d:e0:2e:eb:25:
62:21:13:a2:aa:0f:ab:00:91:ca:02:e4:25:e1:90:e9:d7:84:
12:7c:9c:e5:d9:f5:bb:ea:ee:18:16:66:2d:43:ca:9a:0f:8a:
ca:82:9d:2d:8e:6d:50:ad:13:9a:ac:1b:e6:d4:8d:82:4b:ae:
e2:43:08:b5:ba:e8:61:f3:a5:d1:e5:22:91:44:a3:7f:d1:7e:
c4:2d:58:7f:69:71:08:b3:b2:1e:15:de:91:1c:34:ea:25:ac:
7e:8c:59:88:cb:23:3c:4c:43:b5:3e:47:64:08:26:7e:85:16:
9d:eb:08:6a:00:8d:b6:35:44:96:cd:6b:19:73:4a:f2:37:73:
af:87:d6:64:01:90:61:4a:03:1a:10:c6:8f:1c:50:96:88:72:
47:2b:c6:b0:44:23:8e:0a:37:50:6b:d1:14:cd:e8:d9:47:97:
68:e9:52:4f
======================================
---
Certificate chain
0 s:CN = mail.nova-security.co.uk
i:C = US, O = Let's Encrypt, CN = R11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAxz8HFXzZUGDcuBDWsCVeLbAMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjQwNzIwMjIwMDQ4WhcNMjQxMDE4MjIwMDQ3WjAjMSEwHwYDVQQD
ExhtYWlsLm5vdmEtc2VjdXJpdHkuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCckyB+sw2llXlV5dtoiMoNzIIbs+6C4y84b/6e53RWAwBCNfNn
BboVND6q1N0Irz7B1pHZSqGYXgHXstuSyyrhnZQNe3TGbLduhnjiAbX8eLA7OSLv
FJa03sy99nHK+5kEGIXFaFbm7F/8Dplh3nw8Bwm6qiKyXkWJJ82ztXgYygb/JjmO
u8miI6OpTW2b60zpn0Z/afenVxAM80VPaawy99xDdbaJlJYbDVa1d1sHYfNHOYTv
ajGd+KlHPMRMLdrih1WdbEvxur61ukSVrQRDUrwAckMyFSOfada7mcTTu/4HjdNV
6ZKK/ZniOjlUMcE5GTDKSznYvOrpPR76BwafAgMBAAGjggIcMIICGDAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFPQk20YSmd5V2hd7gmkkOzAMqH4WMB8GA1UdIwQYMBaA
FMXPRqTq9MPAemyVxC2wXpIvJuO5MFcGCCsGAQUFBwEBBEswSTAiBggrBgEFBQcw
AYYWaHR0cDovL3IxMS5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDovL3Ix
MS5pLmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIYbWFpbC5ub3ZhLXNlY3VyaXR5LmNv
LnVrMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw
AHYAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGQ0mBczAAABAMA
RzBFAiAHeDxPn/4Gl4BodKu1o/tQoAoFC8m2snEDxMgA27ITNAIhALW+bhKz9qjH
peYxQ0SAO9xLolstMw0E104+MCLEFfoxAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp
3GhCCp/mZ0xaOnQAAAGQ0mBdGAAABAMARzBFAiAEpvbb4Zll4o5bcfUu/hsbvpOt
p3SaBF+H9gJJ43jWkQIhAMrYPA81+Oai0Ru8e0+sw5Ihqtlzo+o+bF+Go/4K1NZn
MA0GCSqGSIb3DQEBCwUAA4IBAQCv9MSDL+CbuHJ7MYZ3N66EUEiIEOsumuLbAC/S
0ieRqLNQRLGxYPFHd934P9kMPghk2DifcVyHIK+OS4hfweR0u6wggTt4UyXh6aQ6
CHS2rObgxIYAOnfJQ3ZemFKv4Ou/C88QpyflogD0tYHt6rzNu7ZAeH4kJewy12Dl
PCWLt2BG3JmHqYGs8puhGwh0XW5Wz3Q1f7zzMcUt6MTm3fkyjvSGyS7UY0KU7ZA6
tutOTYRTSz3G9y2t8IVRRbx2UGG/FOHwjZUzDRpC79l4DOq/Jrk0DYJedD//JTcH
TXB53b4nV0A1I7oV8DpzkmAJY2nmHvA/FffbcoYHpPSaI9hi
-----END CERTIFICATE-----
1 s:C = US, O = Let's Encrypt, CN = R11
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFBjCCAu6gAwIBAgIRAIp9PhPWLzDvI4a9KQdrNPgwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAzMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDEMMAoGA1UEAxMDUjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuoe8XBsAOcvKCs3UZxD5ATylTqVhyybKUvsVAbe5KPUoHu0nsyQYOWcJ
DAjs4DqwO3cOvfPlOVRBDE6uQdaZdN5R2+97/1i9qLcT9t4x1fJyyXJqC4N0lZxG
AGQUmfOx2SLZzaiSqhwmej/+71gFewiVgdtxD4774zEJuwm+UE1fj5F2PVqdnoPy
6cRms+EGZkNIGIBloDcYmpuEMpexsr3E+BUAnSeI++JjF5ZsmydnS8TbKF5pwnnw
SVzgJFDhxLyhBax7QG0AtMJBP6dYuC/FXJuluwme8f7rsIU5/agK70XEeOtlKsLP
Xzze41xNG/cLJyuqC0J3U095ah2H2QIDAQABo4H4MIH1MA4GA1UdDwEB/wQEAwIB
hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB
/wIBADAdBgNVHQ4EFgQUxc9GpOr0w8B6bJXELbBeki8m47kwHwYDVR0jBBgwFoAU
ebRZ5nu25eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAC
hhZodHRwOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcG
A1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcN
AQELBQADggIBAE7iiV0KAxyQOND1H/lxXPjDj7I3iHpvsCUf7b632IYGjukJhM1y
v4Hz/MrPU0jtvfZpQtSlET41yBOykh0FX+ou1Nj4ScOt9ZmWnO8m2OG0JAtIIE38
01S0qcYhyOE2G/93ZCkXufBL713qzXnQv5C/viOykNpKqUgxdKlEC+Hi9i2DcaR1
e9KUwQUZRhy5j/PEdEglKg3l9dtD4tuTm7kZtB8v32oOjzHTYw+7KdzdZiw/sBtn
UfhBPORNuay4pJxmY/WrhSMdzFO2q3Gu3MUBcdo27goYKjL9CTF8j/Zz55yctUoV
aneCWs/ajUX+HypkBTA+c8LGDLnWO2NKq0YD/pnARkAnYGPfUDoHR9gVSp/qRx+Z
WghiDLZsMwhN1zjtSC0uBWiugF3vTNzYIEFfaPG7Ws3jDrAMMYebQ95JQ+HIBD/R
PBuHRTBpqKlyDnkSHDHYPiNX3adPoPAcgdF3H2/W0rmoswMWgTlLn1Wu0mrks7/q
pdWfS6PJ1jty80r2VKsM/Dj3YIDfbjXKdaFU5C+8bhfJGqU3taKauuz0wHVGT3eo
6FlWkWYtbt4pgdamlwVeZEW+LM7qZEJEsMNPrfC03APKmZsJgpWCDWOKZvkZcvjV
uYkQ4omYCTX5ohy+knMjdOmdH9c7SpqEWBDC86fiNex+O0XOMEZSa8DA
-----END CERTIFICATE-----
---
Server certificate
subject=CN = mail.nova-security.co.uk
issuer=C = US, O = Let's Encrypt, CN = R11
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3548 bytes and written 428 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 263D0000FA6C9C6D1C3B2F4ECEC06CF85A90818F5AE05CE42522FB0C15400921
Session-ID-ctx:
Master-Key: 86F349F98B75C40A165F0692E1ED34954D83D6FC601A75BBF404E84E91C50A4DA713691E867027AA1C7D74A5478A846D
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1722065223
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
DONE