SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
Hostname: | done Matches Common Name or/and SAN |
Expired: | done No (69 days till expiration) |
Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
Trusted: | done Yes, we were able to verify the certificate |
Self-Signed: | done No, the end-entity certificate is not self-signed |
Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
Resolves To: | 194.209.225.23 |
Reverse IP lookup: | member.kcdb.net. |
Nameserver: | namesrv2.kaktus.ch. |
Nameserver: | namesrv1.kaktus.ch. |
General Information
Common Name: | member.kcdb.net |
SANs: | DNS:member.kcdb.netDNS:my.kcdb.net Total number of SANs: 2 |
Signature Algorithm: | sha256WithRSAEncryption |
Key Type: | RSA |
Key size: | 2048 bits |
Serial Number: | 3216347db03b995295e56541cd3be50cd6e |
Not Before: | Jul 06, 2024 11:33:48 GMT |
Not After: | Oct 04, 2024 11:33:47 GMT |
Number of certs: | 2 |
Revocation Status: | good |
OCSP Stapling: | Not Supported |
Server: | Microsoft-IIS/8.5 |
HSTS: | Not Supported |
HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: member.kcdb.net
Decode this certificate for verbose information → launchSubject Common Name | member.kcdb.net |
Issuer Common Name | R11 |
Issuer Organization | Let's Encrypt |
Not Before: | Jul 06, 2024 11:33:48 GMT |
Not After: | Oct 04, 2024 11:33:47 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 3216347db03b995295e56541cd3be50cd6e |
SHA1 Fingerprint: | 04:67:6B:3D:C5:D0:CC:87:4D:56:6E:F3:1C:15:31:B3:2D:DF:1B:F4 |
MD5 Fingerprint: | 52:A0:14:54:2F:FC:A4:D5:16:A0:94:F5:42:9D:D9:42 |
Certificate # 2 - Common Name: R11
Decode this certificate for verbose information → launchIn place? | Yes, this certificate directly certifies the preceding one |
Subject Common Name | R11 |
Subject Organization | Let's Encrypt |
Issuer Common Name | ISRG Root X1 |
Issuer Organization | Internet Security Research Group |
Not Before: | Mar 13, 2024 00:00:00 GMT |
Not After: | Mar 12, 2027 23:59:59 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 8a7d3e13d62f30ef2386bd29076b34f8 |
SHA1 Fingerprint: | 69:6D:B3:AF:0D:FF:C1:7E:65:C6:A2:0D:92:5C:5A:7B:D2:4D:EC:7E |
MD5 Fingerprint: | 2F:AC:04:55:31:47:F4:6A:49:DF:9B:4E:BE:A6:DF:43 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R11 verify return:1 depth=0 CN = member.kcdb.net verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = member.kcdb.net i:C = US, O = Let's Encrypt, CN = R11 -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAyFjR9sDuZUpXlZUHNO+UM1uMA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTEwHhcNMjQwNzA2MTEzMzQ4WhcNMjQxMDA0MTEzMzQ3WjAaMRgwFgYDVQQD Ew9tZW1iZXIua2NkYi5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCCya8HM2MX4v/cy7I/2OoV9pwN2y8A1PfLRJQNDL4H5yqBUw3CrSRdtiAtnShB z5NJjefGB+xMqinTcEiLEQv7iz9W3dUCjlcqey22yZ1rDl6w1yuA/9e9bsfcjxIW UiVt6wafzXSS5dgiDgxup9oKWELX2iHGAHl64BsDyZlQAZBIS71nYsa95Id8r0I6 DL7xmZ8OicmC1Dw8RksqMnIRODwMp6ZjhseQTwGfcOAbQdqnyabJci7FGzZ4AkiC jvvpnlZ9iI4XTKHqmgf8FO6ycLRfmFfxG2Eld5ONaKuxF8Zy0pFI9JPWMZnWpsP8 IevRB9q6KaJAig80D8gqGA5RAgMBAAGjggIhMIICHTAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFJDkVm5EDC4mjEkvhD9J+AWn5DkbMB8GA1UdIwQYMBaAFMXPRqTq9MPA emyVxC2wXpIvJuO5MFcGCCsGAQUFBwEBBEswSTAiBggrBgEFBQcwAYYWaHR0cDov L3IxMS5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDovL3IxMS5pLmxlbmNy Lm9yZy8wJwYDVR0RBCAwHoIPbWVtYmVyLmtjZGIubmV0ggtteS5rY2RiLm5ldDAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AD8X S0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABkIgJSFkAAAQDAEgwRgIh AI4Hifw3FDoKZtIj/xzfmU9xiN53q4bMRBCUxvUEz1HuAiEAo0p4UcJje6JPH9VY LTs10Y2/4u5qFv1kD4Ax0UKiwvgAdgDuzdBk1dsazsVct520zROiModGfLzs3sNR SFlGcR+1mwAAAZCICUhVAAAEAwBHMEUCIB1vhg3tsAf2d/SKc5kc2I5mEBf9TjzL 8Ew9ycHGF/ZpAiEAkko+eqDgWzt6wtqgLKkf1oXy7JbuV7ZuxtGoKnIUqe0wDQYJ KoZIhvcNAQELBQADggEBABiRDb583jO2/CiaTNu7nPnn34TTnAHhawmK6Q2f1j4C ap/94IO0dsJpWV+QXw4gAtzCxbuDYGjMR3ygl7afe9U3iBeAs9Ebso/jf89zalMU JN63GMjScoKSEm+GFEGm3Ig65+eliEZSIs3bmgWpNihAqVux6L5h8w/u5I8bgKDy l4vq60GMsueIuE7imHmTa5nZ29HQR+KBpTj1psJyLK7UzMKLFbuM9sz1qdNgUUM7 cfiGfAB960YTLFvWqytnzSLA0XpGfGY1dBxDuuTura/7Y2mWSQWjy8WkAXkReHur np3dBchdjIx0z70wjv7zb04wZCvEOVy4z0EGST/X0f4= -----END CERTIFICATE----- 1 s:C = US, O = Let's Encrypt, CN = R11 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 -----BEGIN CERTIFICATE----- MIIFBjCCAu6gAwIBAgIRAIp9PhPWLzDvI4a9KQdrNPgwDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw WhcNMjcwMzEyMjM1OTU5WjAzMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDEMMAoGA1UEAxMDUjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAuoe8XBsAOcvKCs3UZxD5ATylTqVhyybKUvsVAbe5KPUoHu0nsyQYOWcJ DAjs4DqwO3cOvfPlOVRBDE6uQdaZdN5R2+97/1i9qLcT9t4x1fJyyXJqC4N0lZxG AGQUmfOx2SLZzaiSqhwmej/+71gFewiVgdtxD4774zEJuwm+UE1fj5F2PVqdnoPy 6cRms+EGZkNIGIBloDcYmpuEMpexsr3E+BUAnSeI++JjF5ZsmydnS8TbKF5pwnnw SVzgJFDhxLyhBax7QG0AtMJBP6dYuC/FXJuluwme8f7rsIU5/agK70XEeOtlKsLP Xzze41xNG/cLJyuqC0J3U095ah2H2QIDAQABo4H4MIH1MA4GA1UdDwEB/wQEAwIB hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB /wIBADAdBgNVHQ4EFgQUxc9GpOr0w8B6bJXELbBeki8m47kwHwYDVR0jBBgwFoAU ebRZ5nu25eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAC hhZodHRwOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcG A1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcN AQELBQADggIBAE7iiV0KAxyQOND1H/lxXPjDj7I3iHpvsCUf7b632IYGjukJhM1y v4Hz/MrPU0jtvfZpQtSlET41yBOykh0FX+ou1Nj4ScOt9ZmWnO8m2OG0JAtIIE38 01S0qcYhyOE2G/93ZCkXufBL713qzXnQv5C/viOykNpKqUgxdKlEC+Hi9i2DcaR1 e9KUwQUZRhy5j/PEdEglKg3l9dtD4tuTm7kZtB8v32oOjzHTYw+7KdzdZiw/sBtn UfhBPORNuay4pJxmY/WrhSMdzFO2q3Gu3MUBcdo27goYKjL9CTF8j/Zz55yctUoV aneCWs/ajUX+HypkBTA+c8LGDLnWO2NKq0YD/pnARkAnYGPfUDoHR9gVSp/qRx+Z WghiDLZsMwhN1zjtSC0uBWiugF3vTNzYIEFfaPG7Ws3jDrAMMYebQ95JQ+HIBD/R PBuHRTBpqKlyDnkSHDHYPiNX3adPoPAcgdF3H2/W0rmoswMWgTlLn1Wu0mrks7/q pdWfS6PJ1jty80r2VKsM/Dj3YIDfbjXKdaFU5C+8bhfJGqU3taKauuz0wHVGT3eo 6FlWkWYtbt4pgdamlwVeZEW+LM7qZEJEsMNPrfC03APKmZsJgpWCDWOKZvkZcvjV uYkQ4omYCTX5ohy+knMjdOmdH9c7SpqEWBDC86fiNex+O0XOMEZSa8DA -----END CERTIFICATE----- --- Server certificate subject=CN = member.kcdb.net issuer=C = US, O = Let's Encrypt, CN = R11 --- No client certificate CA names sent Peer signing digest: SHA1 Peer signature type: RSA Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3121 bytes and written 508 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-SHA384 Session-ID: 5E060000155EE0CB648B4DDE707457C031A842954C06AD0D87BAC498ADA052B3 Session-ID-ctx: Master-Key: B886F8E383FA893A9AD386E5558CD5A52FA64EA94F6A6D51BDAEC90AD41A203AED546C210E0A8ED1B7ECBA8202C21FEF PSK identity: None PSK identity hint: None SRP username: None Start Time: 1722066755 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes --- DONE