SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (69 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| Resolves To: | 194.209.225.23 |
| Reverse IP lookup: | member.kcdb.net. |
| Nameserver: | namesrv2.kaktus.ch. |
| Nameserver: | namesrv1.kaktus.ch. |
General Information
| Common Name: | member.kcdb.net |
| SANs: | DNS:member.kcdb.netDNS:my.kcdb.net Total number of SANs: 2 |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 3216347db03b995295e56541cd3be50cd6e |
| Not Before: | Jul 06, 2024 11:33:48 GMT |
| Not After: | Oct 04, 2024 11:33:47 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Not Supported |
| Server: | Microsoft-IIS/8.5 |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: member.kcdb.net
Decode this certificate for verbose information → launch| Subject Common Name | member.kcdb.net |
| Issuer Common Name | R11 |
| Issuer Organization | Let's Encrypt |
| Not Before: | Jul 06, 2024 11:33:48 GMT |
| Not After: | Oct 04, 2024 11:33:47 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 3216347db03b995295e56541cd3be50cd6e |
| SHA1 Fingerprint: | 04:67:6B:3D:C5:D0:CC:87:4D:56:6E:F3:1C:15:31:B3:2D:DF:1B:F4 |
| MD5 Fingerprint: | 52:A0:14:54:2F:FC:A4:D5:16:A0:94:F5:42:9D:D9:42 |
Certificate # 2 - Common Name: R11
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | R11 |
| Subject Organization | Let's Encrypt |
| Issuer Common Name | ISRG Root X1 |
| Issuer Organization | Internet Security Research Group |
| Not Before: | Mar 13, 2024 00:00:00 GMT |
| Not After: | Mar 12, 2027 23:59:59 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 8a7d3e13d62f30ef2386bd29076b34f8 |
| SHA1 Fingerprint: | 69:6D:B3:AF:0D:FF:C1:7E:65:C6:A2:0D:92:5C:5A:7B:D2:4D:EC:7E |
| MD5 Fingerprint: | 2F:AC:04:55:31:47:F4:6A:49:DF:9B:4E:BE:A6:DF:43 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R11
verify return:1
depth=0 CN = member.kcdb.net
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
0 s:CN = member.kcdb.net
i:C = US, O = Let's Encrypt, CN = R11
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAyFjR9sDuZUpXlZUHNO+UM1uMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjQwNzA2MTEzMzQ4WhcNMjQxMDA0MTEzMzQ3WjAaMRgwFgYDVQQD
Ew9tZW1iZXIua2NkYi5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCCya8HM2MX4v/cy7I/2OoV9pwN2y8A1PfLRJQNDL4H5yqBUw3CrSRdtiAtnShB
z5NJjefGB+xMqinTcEiLEQv7iz9W3dUCjlcqey22yZ1rDl6w1yuA/9e9bsfcjxIW
UiVt6wafzXSS5dgiDgxup9oKWELX2iHGAHl64BsDyZlQAZBIS71nYsa95Id8r0I6
DL7xmZ8OicmC1Dw8RksqMnIRODwMp6ZjhseQTwGfcOAbQdqnyabJci7FGzZ4AkiC
jvvpnlZ9iI4XTKHqmgf8FO6ycLRfmFfxG2Eld5ONaKuxF8Zy0pFI9JPWMZnWpsP8
IevRB9q6KaJAig80D8gqGA5RAgMBAAGjggIhMIICHTAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFJDkVm5EDC4mjEkvhD9J+AWn5DkbMB8GA1UdIwQYMBaAFMXPRqTq9MPA
emyVxC2wXpIvJuO5MFcGCCsGAQUFBwEBBEswSTAiBggrBgEFBQcwAYYWaHR0cDov
L3IxMS5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDovL3IxMS5pLmxlbmNy
Lm9yZy8wJwYDVR0RBCAwHoIPbWVtYmVyLmtjZGIubmV0ggtteS5rY2RiLm5ldDAT
BgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AD8X
S0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABkIgJSFkAAAQDAEgwRgIh
AI4Hifw3FDoKZtIj/xzfmU9xiN53q4bMRBCUxvUEz1HuAiEAo0p4UcJje6JPH9VY
LTs10Y2/4u5qFv1kD4Ax0UKiwvgAdgDuzdBk1dsazsVct520zROiModGfLzs3sNR
SFlGcR+1mwAAAZCICUhVAAAEAwBHMEUCIB1vhg3tsAf2d/SKc5kc2I5mEBf9TjzL
8Ew9ycHGF/ZpAiEAkko+eqDgWzt6wtqgLKkf1oXy7JbuV7ZuxtGoKnIUqe0wDQYJ
KoZIhvcNAQELBQADggEBABiRDb583jO2/CiaTNu7nPnn34TTnAHhawmK6Q2f1j4C
ap/94IO0dsJpWV+QXw4gAtzCxbuDYGjMR3ygl7afe9U3iBeAs9Ebso/jf89zalMU
JN63GMjScoKSEm+GFEGm3Ig65+eliEZSIs3bmgWpNihAqVux6L5h8w/u5I8bgKDy
l4vq60GMsueIuE7imHmTa5nZ29HQR+KBpTj1psJyLK7UzMKLFbuM9sz1qdNgUUM7
cfiGfAB960YTLFvWqytnzSLA0XpGfGY1dBxDuuTura/7Y2mWSQWjy8WkAXkReHur
np3dBchdjIx0z70wjv7zb04wZCvEOVy4z0EGST/X0f4=
-----END CERTIFICATE-----
1 s:C = US, O = Let's Encrypt, CN = R11
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFBjCCAu6gAwIBAgIRAIp9PhPWLzDvI4a9KQdrNPgwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAzMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDEMMAoGA1UEAxMDUjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuoe8XBsAOcvKCs3UZxD5ATylTqVhyybKUvsVAbe5KPUoHu0nsyQYOWcJ
DAjs4DqwO3cOvfPlOVRBDE6uQdaZdN5R2+97/1i9qLcT9t4x1fJyyXJqC4N0lZxG
AGQUmfOx2SLZzaiSqhwmej/+71gFewiVgdtxD4774zEJuwm+UE1fj5F2PVqdnoPy
6cRms+EGZkNIGIBloDcYmpuEMpexsr3E+BUAnSeI++JjF5ZsmydnS8TbKF5pwnnw
SVzgJFDhxLyhBax7QG0AtMJBP6dYuC/FXJuluwme8f7rsIU5/agK70XEeOtlKsLP
Xzze41xNG/cLJyuqC0J3U095ah2H2QIDAQABo4H4MIH1MA4GA1UdDwEB/wQEAwIB
hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB
/wIBADAdBgNVHQ4EFgQUxc9GpOr0w8B6bJXELbBeki8m47kwHwYDVR0jBBgwFoAU
ebRZ5nu25eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAC
hhZodHRwOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcG
A1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcN
AQELBQADggIBAE7iiV0KAxyQOND1H/lxXPjDj7I3iHpvsCUf7b632IYGjukJhM1y
v4Hz/MrPU0jtvfZpQtSlET41yBOykh0FX+ou1Nj4ScOt9ZmWnO8m2OG0JAtIIE38
01S0qcYhyOE2G/93ZCkXufBL713qzXnQv5C/viOykNpKqUgxdKlEC+Hi9i2DcaR1
e9KUwQUZRhy5j/PEdEglKg3l9dtD4tuTm7kZtB8v32oOjzHTYw+7KdzdZiw/sBtn
UfhBPORNuay4pJxmY/WrhSMdzFO2q3Gu3MUBcdo27goYKjL9CTF8j/Zz55yctUoV
aneCWs/ajUX+HypkBTA+c8LGDLnWO2NKq0YD/pnARkAnYGPfUDoHR9gVSp/qRx+Z
WghiDLZsMwhN1zjtSC0uBWiugF3vTNzYIEFfaPG7Ws3jDrAMMYebQ95JQ+HIBD/R
PBuHRTBpqKlyDnkSHDHYPiNX3adPoPAcgdF3H2/W0rmoswMWgTlLn1Wu0mrks7/q
pdWfS6PJ1jty80r2VKsM/Dj3YIDfbjXKdaFU5C+8bhfJGqU3taKauuz0wHVGT3eo
6FlWkWYtbt4pgdamlwVeZEW+LM7qZEJEsMNPrfC03APKmZsJgpWCDWOKZvkZcvjV
uYkQ4omYCTX5ohy+knMjdOmdH9c7SpqEWBDC86fiNex+O0XOMEZSa8DA
-----END CERTIFICATE-----
---
Server certificate
subject=CN = member.kcdb.net
issuer=C = US, O = Let's Encrypt, CN = R11
---
No client certificate CA names sent
Peer signing digest: SHA1
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3121 bytes and written 508 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-SHA384
Session-ID: 5E060000155EE0CB648B4DDE707457C031A842954C06AD0D87BAC498ADA052B3
Session-ID-ctx:
Master-Key: B886F8E383FA893A9AD386E5558CD5A52FA64EA94F6A6D51BDAEC90AD41A203AED546C210E0A8ED1B7ECBA8202C21FEF
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1722066755
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
DONE