Namecheap.com
SSL Checker SSL & CSR Decoder CSR Generator SSL Converter

SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname: Matches Common Name or/and SAN
Expired: No (81 days till expiration)
Public Key: We were unable to find any issues in the public key of end-entity certificate
Trusted: Yes, we were able to verify the certificate
Self-Signed: No, the end-entity certificate is not self-signed
Chain Issues: No, we were unable to detect any issues in the certificate chain sent by the server
Weak signatures: No, certificates sent by the server were not signed utilizing a weak hash function
OCSP Status: OCSP Responder returned "good" status for the end-entity certificate

DNS Information

Resolves To: 198.35.26.96
Reverse IP lookup: text-lb.ulsfo.wikimedia.org.
Nameserver: ns0.wikimedia.org.
Nameserver: ns1.wikimedia.org.
Nameserver: ns2.wikimedia.org.

General Information

Common Name: *.wikipedia.org
SANs: DNS:*.m.mediawiki.orgDNS:*.m.wikibooks.orgDNS:*.m.wikidata.orgDNS:*.m.wikimedia.orgDNS:*.m.wikinews.orgDNS:*.m.wikipedia.orgDNS:*.m.wikiquote.orgDNS:*.m.wikisource.orgDNS:*.m.wikiversity.orgDNS:*.m.wikivoyage.orgDNS:*.m.wiktionary.orgDNS:*.mediawiki.orgDNS:*.planet.wikimedia.orgDNS:*.wikibooks.orgDNS:*.wikidata.orgDNS:*.wikifunctions.orgDNS:*.wikimedia.orgDNS:*.wikimediafoundation.orgDNS:*.wikinews.orgDNS:*.wikipedia.orgDNS:*.wikiquote.orgDNS:*.wikisource.orgDNS:*.wikiversity.orgDNS:*.wikivoyage.orgDNS:*.wiktionary.orgDNS:*.wmfusercontent.orgDNS:mediawiki.orgDNS:w.wikiDNS:wikibooks.orgDNS:wikidata.orgDNS:wikifunctions.orgDNS:wikimedia.orgDNS:wikimediafoundation.orgDNS:wikinews.orgDNS:wikipedia.orgDNS:wikiquote.orgDNS:wikisource.orgDNS:wikiversity.orgDNS:wikivoyage.orgDNS:wiktionary.orgDNS:wmfusercontent.org Total number of SANs: 41
Signature Algorithm: sha256WithRSAEncryption
Key Type: ECDSA (secp256r1)
Key size: 256 bits
Serial Number: 38b10c18568d780d1c6a1ed0dcb409066ab
Not Before: Apr 18, 2024 04:22:40 GMT
Not After: Jul 17, 2024 04:22:39 GMT
Number of certs: 2
Revocation Status: good
OCSP Stapling: Supported
Server: mw2438.codfw.wmnet
HSTS: max-age=106384710; includeSubDomains; preload
HPKP: Not Supported

Chain Information

Certificate # 1 - Common Name: *.wikipedia.org

Decode this certificate for verbose information →
Subject Common Name *.wikipedia.org
Issuer Common Name R3
Issuer Organization Let's Encrypt
Not Before: Apr 18, 2024 04:22:40 GMT
Not After: Jul 17, 2024 04:22:39 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 38b10c18568d780d1c6a1ed0dcb409066ab
SHA1 Fingerprint: 5C:3E:AD:B7:AB:86:C4:9A:60:20:8A:B0:71:86:4C:AA:2F:E9:A7:7C
MD5 Fingerprint: F2:4B:DD:1D:E9:6D:60:5F:C0:30:AA:7D:35:46:95:60

Certificate # 2 - Common Name: R3

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name R3
Subject Organization Let's Encrypt
Issuer Common Name ISRG Root X1
Issuer Organization Internet Security Research Group
Not Before: Sep 04, 2020 00:00:00 GMT
Not After: Sep 15, 2025 16:00:00 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 912b084acf0c18a753f6d62e25a75f5a
SHA1 Fingerprint: A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05
MD5 Fingerprint: E8:29:E6:5D:7C:43:07:D6:FB:C1:3C:17:9E:03:7A:36

OpenSSL Handshake

depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = *.wikipedia.org
verify return:1
CONNECTED(00000003)
OCSP response: 
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: C = US, O = Let's Encrypt, CN = R3
    Produced At: Apr 22 07:25:00 2024 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 48DAC9A0FB2BD32D4FF0DE68D2F567B735F9B3C4
      Issuer Key Hash: 142EB317B75856CBAE500940E61FAF9D8B14C2C6
      Serial Number: 038B10C18568D780D1C6A1ED0DCB409066AB
    Cert Status: good
    This Update: Apr 22 07:25:00 2024 GMT
    Next Update: Apr 29 07:24:58 2024 GMT

    Signature Algorithm: sha256WithRSAEncryption
         8d:ae:4c:ff:f7:ee:c0:df:45:f1:e0:13:e6:14:a1:b3:c5:15:
         1e:41:cb:3d:ec:04:af:d7:38:44:c6:71:fa:cd:ef:a5:94:f5:
         ff:11:9b:5f:be:33:d0:55:ae:26:ad:52:30:ca:39:22:62:83:
         31:16:1a:fa:5f:c6:1b:6e:36:45:ab:65:ab:7e:4d:94:8d:93:
         f5:15:ca:ba:1a:d4:41:c9:d6:47:72:fb:1a:30:e2:d9:6d:3c:
         0e:1e:e2:06:04:8b:15:dd:2d:ff:06:e8:5b:46:27:85:38:5c:
         69:63:e1:0f:24:3e:f4:6f:53:38:e6:9a:9f:53:f1:7b:be:8e:
         88:f6:b8:c6:08:26:71:fe:a9:63:87:c1:0e:5f:f7:70:37:87:
         81:b9:a5:0b:a7:de:6e:34:26:76:74:2d:72:80:ad:5d:4d:b3:
         75:29:fd:46:4e:d0:75:46:e3:99:62:70:97:be:30:d2:c0:73:
         8e:78:cf:9b:83:5f:f3:28:36:25:b2:01:96:87:0e:21:03:1e:
         30:dc:39:a8:ee:3b:d9:2f:5d:04:08:1e:f7:18:93:80:51:4b:
         2e:a8:1f:5d:8a:59:b6:08:da:03:c0:9d:b8:fe:3c:c4:91:ec:
         b7:03:d0:ec:13:57:42:e8:f1:a4:14:bd:72:c3:29:df:7c:fd:
         3f:e7:d4:cf
======================================
---
Certificate chain
 0 s:CN = *.wikipedia.org
   i:C = US, O = Let's Encrypt, CN = R3
-----BEGIN CERTIFICATE-----
MIIG9jCCBd6gAwIBAgISA4sQwYVo14DRxqHtDctAkGarMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MTgwNDIyNDBaFw0yNDA3MTcwNDIyMzlaMBoxGDAWBgNVBAMM
Dyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABNYkdzl0
wQUZx6nLNWcscbx/11su8accfwV0S85311QZ6A4oCBFZvnh0jN0FFRHXuyNZb7VV
2TMo2sRUS2CcEZyjggTnMIIE4zAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJaB/2Tw
VO+Fue7X3AAyyLKsj+AKMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLG
MFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iu
b3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIIC7QYDVR0R
BIIC5DCCAuCCESoubS5tZWRpYXdpa2kub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IQ
Ki5tLndpa2lkYXRhLm9yZ4IRKi5tLndpa2ltZWRpYS5vcmeCECoubS53aWtpbmV3
cy5vcmeCESoubS53aWtpcGVkaWEub3JnghEqLm0ud2lraXF1b3RlLm9yZ4ISKi5t
Lndpa2lzb3VyY2Uub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghIqLm0ud2lraXZv
eWFnZS5vcmeCEioubS53aWt0aW9uYXJ5Lm9yZ4IPKi5tZWRpYXdpa2kub3JnghYq
LnBsYW5ldC53aWtpbWVkaWEub3Jngg8qLndpa2lib29rcy5vcmeCDioud2lraWRh
dGEub3JnghMqLndpa2lmdW5jdGlvbnMub3Jngg8qLndpa2ltZWRpYS5vcmeCGSou
d2lraW1lZGlhZm91bmRhdGlvbi5vcmeCDioud2lraW5ld3Mub3Jngg8qLndpa2lw
ZWRpYS5vcmeCDyoud2lraXF1b3RlLm9yZ4IQKi53aWtpc291cmNlLm9yZ4IRKi53
aWtpdmVyc2l0eS5vcmeCECoud2lraXZveWFnZS5vcmeCECoud2lrdGlvbmFyeS5v
cmeCFCoud21mdXNlcmNvbnRlbnQub3Jngg1tZWRpYXdpa2kub3JnggZ3Lndpa2mC
DXdpa2lib29rcy5vcmeCDHdpa2lkYXRhLm9yZ4IRd2lraWZ1bmN0aW9ucy5vcmeC
DXdpa2ltZWRpYS5vcmeCF3dpa2ltZWRpYWZvdW5kYXRpb24ub3Jnggx3aWtpbmV3
cy5vcmeCDXdpa2lwZWRpYS5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uu
b3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5
Lm9yZ4ISd21mdXNlcmNvbnRlbnQub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB
BQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrr
wb8ohez4ZG4AAAGO76gwawAABAMASDBGAiEAkvPgL8pqVZBt0WrB7hz6gg+10fOs
n4cT/ISosfW6TB4CIQCj/6n+SRBKrk3oSDWi9roRuToe/M70Uz3ybFzrMB6ZRgB2
ABmYEHEJ8NZSLjCA0p4/ZLuDbijM+Q9Sju7fzko/FrTKAAABju+oMHcAAAQDAEcw
RQIgexu9BvikzqABVJSketys2hIZ8Jl0msguWK16ljm/6g4CIQDSzEsyfogt6m8g
j6rTBryA+dwzGC2WMa5JAuHR3j26NjANBgkqhkiG9w0BAQsFAAOCAQEAMuC0ashL
gL1QoU/veSIxRT30p0FVhp8fjEb+OKrmXfZDI6SDb5e/SZl2g5p89zw6gVZ3DkOb
TqFzEyg/rKOknJwVGgqknWvZL56w1fNb3Z0whf6kOvdyAV61zxGn9gYn5kKEjRJX
0L0YyTh9h8TkjKoWeTiesqabP1ztWWuCKqKri8Oz7a+nWzaqkgPvrB5fHnk77UhN
b8JZfwQ77YOeVYoJbphQuGDGReXUxcaNWCbK1M8e0f8Mv3W1XufoRTetf6KbiLi/
ipnFEybMjX3ZLWE9j03cZ5gructUW3B9t6vSJW4eJxAHBYZdJIAGVjePIKdX9Ife
LZfVsTGhUYI/EA==
-----END CERTIFICATE-----
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
---
Server certificate
subject=CN = *.wikipedia.org

issuer=C = US, O = Let's Encrypt, CN = R3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3984 bytes and written 404 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
DONE