SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
Hostname: | done Matches Common Name or/and SAN |
Expired: | done No (81 days till expiration) |
Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
Trusted: | done Yes, we were able to verify the certificate |
Self-Signed: | done No, the end-entity certificate is not self-signed |
Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
Resolves To: | 198.35.26.96 |
Reverse IP lookup: | text-lb.ulsfo.wikimedia.org. |
Nameserver: | ns0.wikimedia.org. |
Nameserver: | ns1.wikimedia.org. |
Nameserver: | ns2.wikimedia.org. |
General Information
Common Name: | *.wikipedia.org |
SANs: | DNS:*.m.mediawiki.orgDNS:*.m.wikibooks.orgDNS:*.m.wikidata.orgDNS:*.m.wikimedia.orgDNS:*.m.wikinews.orgDNS:*.m.wikipedia.orgDNS:*.m.wikiquote.orgDNS:*.m.wikisource.orgDNS:*.m.wikiversity.orgDNS:*.m.wikivoyage.orgDNS:*.m.wiktionary.orgDNS:*.mediawiki.orgDNS:*.planet.wikimedia.orgDNS:*.wikibooks.orgDNS:*.wikidata.orgDNS:*.wikifunctions.orgDNS:*.wikimedia.orgDNS:*.wikimediafoundation.orgDNS:*.wikinews.orgDNS:*.wikipedia.orgDNS:*.wikiquote.orgDNS:*.wikisource.orgDNS:*.wikiversity.orgDNS:*.wikivoyage.orgDNS:*.wiktionary.orgDNS:*.wmfusercontent.orgDNS:mediawiki.orgDNS:w.wikiDNS:wikibooks.orgDNS:wikidata.orgDNS:wikifunctions.orgDNS:wikimedia.orgDNS:wikimediafoundation.orgDNS:wikinews.orgDNS:wikipedia.orgDNS:wikiquote.orgDNS:wikisource.orgDNS:wikiversity.orgDNS:wikivoyage.orgDNS:wiktionary.orgDNS:wmfusercontent.org Total number of SANs: 41 |
Signature Algorithm: | sha256WithRSAEncryption |
Key Type: | ECDSA (secp256r1) |
Key size: | 256 bits |
Serial Number: | 38b10c18568d780d1c6a1ed0dcb409066ab |
Not Before: | Apr 18, 2024 04:22:40 GMT |
Not After: | Jul 17, 2024 04:22:39 GMT |
Number of certs: | 2 |
Revocation Status: | good |
OCSP Stapling: | Supported |
Server: | mw2438.codfw.wmnet |
HSTS: | max-age=106384710; includeSubDomains; preload |
HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: *.wikipedia.org
Decode this certificate for verbose information → launchSubject Common Name | *.wikipedia.org |
Issuer Common Name | R3 |
Issuer Organization | Let's Encrypt |
Not Before: | Apr 18, 2024 04:22:40 GMT |
Not After: | Jul 17, 2024 04:22:39 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 38b10c18568d780d1c6a1ed0dcb409066ab |
SHA1 Fingerprint: | 5C:3E:AD:B7:AB:86:C4:9A:60:20:8A:B0:71:86:4C:AA:2F:E9:A7:7C |
MD5 Fingerprint: | F2:4B:DD:1D:E9:6D:60:5F:C0:30:AA:7D:35:46:95:60 |
Certificate # 2 - Common Name: R3
Decode this certificate for verbose information → launchIn place? | Yes, this certificate directly certifies the preceding one |
Subject Common Name | R3 |
Subject Organization | Let's Encrypt |
Issuer Common Name | ISRG Root X1 |
Issuer Organization | Internet Security Research Group |
Not Before: | Sep 04, 2020 00:00:00 GMT |
Not After: | Sep 15, 2025 16:00:00 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 912b084acf0c18a753f6d62e25a75f5a |
SHA1 Fingerprint: | A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05 |
MD5 Fingerprint: | E8:29:E6:5D:7C:43:07:D6:FB:C1:3C:17:9E:03:7A:36 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R3 verify return:1 depth=0 CN = *.wikipedia.org verify return:1 CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: C = US, O = Let's Encrypt, CN = R3 Produced At: Apr 22 07:25:00 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 48DAC9A0FB2BD32D4FF0DE68D2F567B735F9B3C4 Issuer Key Hash: 142EB317B75856CBAE500940E61FAF9D8B14C2C6 Serial Number: 038B10C18568D780D1C6A1ED0DCB409066AB Cert Status: good This Update: Apr 22 07:25:00 2024 GMT Next Update: Apr 29 07:24:58 2024 GMT Signature Algorithm: sha256WithRSAEncryption 8d:ae:4c:ff:f7:ee:c0:df:45:f1:e0:13:e6:14:a1:b3:c5:15: 1e:41:cb:3d:ec:04:af:d7:38:44:c6:71:fa:cd:ef:a5:94:f5: ff:11:9b:5f:be:33:d0:55:ae:26:ad:52:30:ca:39:22:62:83: 31:16:1a:fa:5f:c6:1b:6e:36:45:ab:65:ab:7e:4d:94:8d:93: f5:15:ca:ba:1a:d4:41:c9:d6:47:72:fb:1a:30:e2:d9:6d:3c: 0e:1e:e2:06:04:8b:15:dd:2d:ff:06:e8:5b:46:27:85:38:5c: 69:63:e1:0f:24:3e:f4:6f:53:38:e6:9a:9f:53:f1:7b:be:8e: 88:f6:b8:c6:08:26:71:fe:a9:63:87:c1:0e:5f:f7:70:37:87: 81:b9:a5:0b:a7:de:6e:34:26:76:74:2d:72:80:ad:5d:4d:b3: 75:29:fd:46:4e:d0:75:46:e3:99:62:70:97:be:30:d2:c0:73: 8e:78:cf:9b:83:5f:f3:28:36:25:b2:01:96:87:0e:21:03:1e: 30:dc:39:a8:ee:3b:d9:2f:5d:04:08:1e:f7:18:93:80:51:4b: 2e:a8:1f:5d:8a:59:b6:08:da:03:c0:9d:b8:fe:3c:c4:91:ec: b7:03:d0:ec:13:57:42:e8:f1:a4:14:bd:72:c3:29:df:7c:fd: 3f:e7:d4:cf ====================================== --- Certificate chain 0 s:CN = *.wikipedia.org i:C = US, O = Let's Encrypt, CN = R3 -----BEGIN CERTIFICATE----- MIIG9jCCBd6gAwIBAgISA4sQwYVo14DRxqHtDctAkGarMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTgwNDIyNDBaFw0yNDA3MTcwNDIyMzlaMBoxGDAWBgNVBAMM Dyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABNYkdzl0 wQUZx6nLNWcscbx/11su8accfwV0S85311QZ6A4oCBFZvnh0jN0FFRHXuyNZb7VV 2TMo2sRUS2CcEZyjggTnMIIE4zAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJaB/2Tw VO+Fue7X3AAyyLKsj+AKMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLG MFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iu b3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIIC7QYDVR0R BIIC5DCCAuCCESoubS5tZWRpYXdpa2kub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IQ Ki5tLndpa2lkYXRhLm9yZ4IRKi5tLndpa2ltZWRpYS5vcmeCECoubS53aWtpbmV3 cy5vcmeCESoubS53aWtpcGVkaWEub3JnghEqLm0ud2lraXF1b3RlLm9yZ4ISKi5t Lndpa2lzb3VyY2Uub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghIqLm0ud2lraXZv eWFnZS5vcmeCEioubS53aWt0aW9uYXJ5Lm9yZ4IPKi5tZWRpYXdpa2kub3JnghYq LnBsYW5ldC53aWtpbWVkaWEub3Jngg8qLndpa2lib29rcy5vcmeCDioud2lraWRh dGEub3JnghMqLndpa2lmdW5jdGlvbnMub3Jngg8qLndpa2ltZWRpYS5vcmeCGSou d2lraW1lZGlhZm91bmRhdGlvbi5vcmeCDioud2lraW5ld3Mub3Jngg8qLndpa2lw ZWRpYS5vcmeCDyoud2lraXF1b3RlLm9yZ4IQKi53aWtpc291cmNlLm9yZ4IRKi53 aWtpdmVyc2l0eS5vcmeCECoud2lraXZveWFnZS5vcmeCECoud2lrdGlvbmFyeS5v cmeCFCoud21mdXNlcmNvbnRlbnQub3Jngg1tZWRpYXdpa2kub3JnggZ3Lndpa2mC DXdpa2lib29rcy5vcmeCDHdpa2lkYXRhLm9yZ4IRd2lraWZ1bmN0aW9ucy5vcmeC DXdpa2ltZWRpYS5vcmeCF3dpa2ltZWRpYWZvdW5kYXRpb24ub3Jnggx3aWtpbmV3 cy5vcmeCDXdpa2lwZWRpYS5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uu b3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5 Lm9yZ4ISd21mdXNlcmNvbnRlbnQub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB BQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrr wb8ohez4ZG4AAAGO76gwawAABAMASDBGAiEAkvPgL8pqVZBt0WrB7hz6gg+10fOs n4cT/ISosfW6TB4CIQCj/6n+SRBKrk3oSDWi9roRuToe/M70Uz3ybFzrMB6ZRgB2 ABmYEHEJ8NZSLjCA0p4/ZLuDbijM+Q9Sju7fzko/FrTKAAABju+oMHcAAAQDAEcw RQIgexu9BvikzqABVJSketys2hIZ8Jl0msguWK16ljm/6g4CIQDSzEsyfogt6m8g j6rTBryA+dwzGC2WMa5JAuHR3j26NjANBgkqhkiG9w0BAQsFAAOCAQEAMuC0ashL gL1QoU/veSIxRT30p0FVhp8fjEb+OKrmXfZDI6SDb5e/SZl2g5p89zw6gVZ3DkOb TqFzEyg/rKOknJwVGgqknWvZL56w1fNb3Z0whf6kOvdyAV61zxGn9gYn5kKEjRJX 0L0YyTh9h8TkjKoWeTiesqabP1ztWWuCKqKri8Oz7a+nWzaqkgPvrB5fHnk77UhN b8JZfwQ77YOeVYoJbphQuGDGReXUxcaNWCbK1M8e0f8Mv3W1XufoRTetf6KbiLi/ ipnFEybMjX3ZLWE9j03cZ5gructUW3B9t6vSJW4eJxAHBYZdJIAGVjePIKdX9Ife LZfVsTGhUYI/EA== -----END CERTIFICATE----- 1 s:C = US, O = Let's Encrypt, CN = R3 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 -----BEGIN CERTIFICATE----- MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX nLRbwHOoq7hHwg== -----END CERTIFICATE----- --- Server certificate subject=CN = *.wikipedia.org issuer=C = US, O = Let's Encrypt, CN = R3 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 3984 bytes and written 404 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 256 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- DONE