SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
Hostname: | done Matches Common Name or/and SAN |
Expired: | done No (78 days till expiration) |
Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
Trusted: | done Yes, we were able to verify the certificate |
Self-Signed: | done No, the end-entity certificate is not self-signed |
Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
Resolves To: | 194.209.225.23 |
Reverse IP lookup: | member.kcdb.net. |
Nameserver: | namesrv1.kaktus.ch. |
Nameserver: | namesrv2.kaktus.ch. |
General Information
Common Name: | member.kcdb.net |
SANs: | DNS:member.kcdb.netDNS:my.kcdb.net Total number of SANs: 2 |
Signature Algorithm: | sha256WithRSAEncryption |
Key Type: | RSA |
Key size: | 2048 bits |
Serial Number: | 3e7eb647346b4f377996784def5bae1d7bc |
Not Before: | Feb 01, 2025 12:03:35 GMT |
Not After: | May 02, 2025 12:03:34 GMT |
Number of certs: | 2 |
Revocation Status: | good |
OCSP Stapling: | Not Supported |
Server: | Microsoft-IIS/8.5 |
HSTS: | Not Supported |
HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: member.kcdb.net
Decode this certificate for verbose information → launchSubject Common Name | member.kcdb.net |
Issuer Common Name | R10 |
Issuer Organization | Let's Encrypt |
Not Before: | Feb 01, 2025 12:03:35 GMT |
Not After: | May 02, 2025 12:03:34 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 3e7eb647346b4f377996784def5bae1d7bc |
SHA1 Fingerprint: | 6C:79:4E:50:B6:3B:41:46:D6:44:75:83:84:3E:30:75:BF:93:66:CA |
MD5 Fingerprint: | F0:6C:D1:B9:D3:9A:CB:8C:9B:A3:C4:6A:B6:00:73:05 |
Certificate # 2 - Common Name: R10
Decode this certificate for verbose information → launchIn place? | Yes, this certificate directly certifies the preceding one |
Subject Common Name | R10 |
Subject Organization | Let's Encrypt |
Issuer Common Name | ISRG Root X1 |
Issuer Organization | Internet Security Research Group |
Not Before: | Mar 13, 2024 00:00:00 GMT |
Not After: | Mar 12, 2027 23:59:59 GMT |
Signature Algorithm: | sha256WithRSAEncryption |
Serial Number: | 4ba85293f79a2fa273064ba8048d75d0 |
SHA1 Fingerprint: | 00:AB:EF:D0:55:F9:A9:C7:84:FF:DE:AB:D1:DC:DD:8F:ED:74:14:36 |
MD5 Fingerprint: | AF:1C:77:AE:CC:8D:77:E9:AA:CB:0C:47:58:40:C3:92 |
OpenSSL Handshake
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R10 verify return:1 depth=0 CN = member.kcdb.net verify return:1 CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = member.kcdb.net i:C = US, O = Let's Encrypt, CN = R10 -----BEGIN CERTIFICATE----- MIIE+zCCA+OgAwIBAgISA+frZHNGtPN3mWeE3vW64de8MA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTAwHhcNMjUwMjAxMTIwMzM1WhcNMjUwNTAyMTIwMzM0WjAaMRgwFgYDVQQD Ew9tZW1iZXIua2NkYi5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCD0zhihwPIsYIGVrJ+abys2hwzcmqgT4OgvL4wM4mpOAlhHK3ytNahWf+MzruP WZzug4iEh4P9U/Ev8ybQwX+QA8wAS0i0zXuI/tcfDfT+5gACID3YpAyyvHgwtyyR hvrd8gaAdv8EQEwwUEV0XA4gjCDA62699nlFoH+xwx7uPjuMQMv5Bi5ZBA/6prKy 3gmln1SY/heN0+Hrpg6sWX82ErNkYHLoAumgXUaI/Jc0Iukn7rd5TyetCPxd9sF6 HrSQpFA+r72jbKuqLor6lWiMWOtASwByeygKbU6aZOXizo/FoULwr3eLW2KvF3Xq 1WoNR6HMtDMfxFEwBIul01MNAgMBAAGjggIgMIICHDAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFOJnD/BVtexozRJ47CPt9mf/lEV7MB8GA1UdIwQYMBaAFLu8w0el5Lyp xsOkcgwQjaI14cjoMFcGCCsGAQUFBwEBBEswSTAiBggrBgEFBQcwAYYWaHR0cDov L3IxMC5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDovL3IxMC5pLmxlbmNy Lm9yZy8wJwYDVR0RBCAwHoIPbWVtYmVyLmtjZGIubmV0ggtteS5rY2RiLm5ldDAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1AKLj CuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfnAAABlMGaphgAAAQDAEYwRAIg fFIBKObsGx6b1Udyxv0OLQo4250UuY7v/66JEXFGWvQCIErrisxwki3b0u6/CGQs mODHKe0z1T2Fu9RJtoquskMUAHcAzxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ysAdJb d87MOwgAAAGUwZqmVwAABAMASDBGAiEA6YKsjdcxvE/0OOrd1x01CCU7AT0kKM25 UlGe7c7ibvECIQC6yO8nDujvbr012Tmt5E1H76QQuICF0amLAIDlqj4deDANBgkq hkiG9w0BAQsFAAOCAQEAVyemqT05Oez0Ade5bjc/zEpVuHPIiw5+T//9+aA4uOdR NW5GRVtrfrKyGZgagLiGf4hZEvVAGKJmeTTWcopC1MIMp15APJ15/w4ASlV+8thd NgpltJIqV/UPHecaJLOMjxNRrK+2pPizim0HbBVo9zdhbZxfq8qYSN597sb/Qjz9 WvWplV0aKE+hQo1KeR/QR2HM+d35oo+aMly6DnyQzMZNbhKuja1LAu0ebPLhHuDz q5h4DRoJabF3CY3mQmloqXvdhrsVS+mxb0kqw2C+Si2sEv8ePHhSFGMYzTXFzFLF 2B3bIVi+mt2A3TZeXEfCpQd6taCNgwVMZUJ9Jx9wxw== -----END CERTIFICATE----- 1 s:C = US, O = Let's Encrypt, CN = R10 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 -----BEGIN CERTIFICATE----- MIIFBTCCAu2gAwIBAgIQS6hSk/eaL6JzBkuoBI110DANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa Fw0yNzAzMTIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF bmNyeXB0MQwwCgYDVQQDEwNSMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDPV+XmxFQS7bRH/sknWHZGUCiMHT6I3wWd1bUYKb3dtVq/+vbOo76vACFL YlpaPAEvxVgD9on/jhFD68G14BQHlo9vH9fnuoE5CXVlt8KvGFs3Jijno/QHK20a /6tYvJWuQP/py1fEtVt/eA0YYbwX51TGu0mRzW4Y0YCF7qZlNrx06rxQTOr8IfM4 FpOUurDTazgGzRYSespSdcitdrLCnF2YRVxvYXvGLe48E1KGAdlX5jgc3421H5KR mudKHMxFqHJV8LDmowfs/acbZp4/SItxhHFYyTr6717yW0QrPHTnj7JHwQdqzZq3 DZb3EoEmUVQK7GH29/Xi8orIlQ2NAgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgGG MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATASBgNVHRMBAf8ECDAGAQH/ AgEAMB0GA1UdDgQWBBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAfBgNVHSMEGDAWgBR5 tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKG Fmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0gBAwwCjAIBgZngQwBAgEwJwYD VR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0B AQsFAAOCAgEAkrHnQTfreZ2B5s3iJeE6IOmQRJWjgVzPw139vaBw1bGWKCIL0vIo zwzn1OZDjCQiHcFCktEJr59L9MhwTyAWsVrdAfYf+B9haxQnsHKNY67u4s5Lzzfd u6PUzeetUK29v+PsPmI2cJkxp+iN3epi4hKu9ZzUPSwMqtCceb7qPVxEbpYxY1p9 1n5PJKBLBX9eb9LU6l8zSxPWV7bK3lG4XaMJgnT9x3ies7msFtpKK5bDtotij/l0 GaKeA97pb5uwD9KgWvaFXMIEt8jVTjLEvwRdvCn294GPDF08U8lAkIv7tghluaQh 1QnlE4SEN4LOECj8dsIGJXpGUk3aU3KkJz9icKy+aUgA+2cP21uh6NcDIS3XyfaZ QjmDQ993ChII8SXWupQZVBiIpcWO4RqZk3lr7Bz5MUCwzDIA359e57SSq5CCkY0N 4B6Vulk7LktfwrdGNVI5BsC9qqxSwSKgRJeZ9wygIaehbHFHFhcBaMDKpiZlBHyz rsnnlFXCb5s8HKn5LsUgGvB24L7sGNZP2CX7dhHov+YhD+jozLW2p9W4959Bz2Ei RmqDtmiXLnzqTpXbI+suyCsohKRg6Un0RC47+cpiVwHiXZAW+cn8eiNIjqbVgXLx KPpdzvvtTnOPlC7SQZSYmdunr3Bf9b77AiC/ZidstK36dRILKz7OA54= -----END CERTIFICATE----- --- Server certificate subject=CN = member.kcdb.net issuer=C = US, O = Let's Encrypt, CN = R10 --- No client certificate CA names sent Peer signing digest: SHA1 Peer signature type: RSA Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3119 bytes and written 508 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-SHA384 Session-ID: FB4600007FC0537F42ED6CCE555C6254F62DC429462CAAFD6B4A5D011845EE99 Session-ID-ctx: Master-Key: 081439AD850E544043743932C46A91050B0C23A6BBBC6C17462A166FB79BAA884FC0EB2AFC1F14FB4387A18DE8DC64D4 PSK identity: None PSK identity hint: None SRP username: None Start Time: 1739389772 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes --- DONE