SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (44 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| Resolves To: | 52.73.148.72 |
| Reverse IP lookup: | ec2-52-73-148-72.compute-1.amazonaws.com. |
| Nameserver: | ns19.domaincontrol.com. |
| Nameserver: | ns20.domaincontrol.com. |
General Information
| Common Name: | monitor.grignardpure.com |
| SANs: | DNS:monitor.grignardpure.com Total number of SANs: 1 |
| Signature Algorithm: | sha384WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 92e1748d982818d5b081d0574e294def |
| Not Before: | May 17, 2022 00:00:00 GMT |
| Not After: | Aug 15, 2022 23:59:59 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Not Supported |
| Server: | nginx/1.14.0 (Ubuntu) |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: monitor.grignardpure.com
Decode this certificate for verbose information → launch| Subject Common Name | monitor.grignardpure.com |
| Issuer Common Name | ZeroSSL RSA Domain Secure Site CA |
| Issuer Organization | ZeroSSL |
| Not Before: | May 17, 2022 00:00:00 GMT |
| Not After: | Aug 15, 2022 23:59:59 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 92e1748d982818d5b081d0574e294def |
| SHA1 Fingerprint: | 53:45:62:A7:69:39:D4:E0:09:DD:0A:24:8C:70:A3:DA:53:2B:32:3B |
| MD5 Fingerprint: | B3:2B:47:00:B5:95:0E:AD:7C:0B:98:42:8C:95:6F:FE |
Certificate # 2 - Common Name: ZeroSSL RSA Domain Secure Site CA
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | ZeroSSL RSA Domain Secure Site CA |
| Subject Organization | ZeroSSL |
| Issuer Common Name | USERTrust RSA Certification Authority |
| Issuer Organization | The USERTRUST Network |
| Not Before: | Jan 30, 2020 00:00:00 GMT |
| Not After: | Jan 29, 2030 23:59:59 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 6c55abdbd00792c79d070cd8119ed6bf |
| SHA1 Fingerprint: | C8:1A:8B:D1:F9:CF:6D:84:C5:25:F3:78:CA:1D:3F:8C:30:77:0E:34 |
| MD5 Fingerprint: | 58:AA:23:10:7C:8D:5A:ED:EA:BD:0D:5E:32:57:85:92 |
OpenSSL Handshake
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
verify return:1
depth=0 CN = monitor.grignardpure.com
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
0 s:/CN=monitor.grignardpure.com
i:/C=AT/O=ZeroSSL/CN=ZeroSSL RSA Domain Secure Site CA
-----BEGIN CERTIFICATE-----
MIIGfjCCBGagAwIBAgIRAJLhdI2YKBjVsIHQV04pTe8wDQYJKoZIhvcNAQEMBQAw
SzELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9T
U0wgUlNBIERvbWFpbiBTZWN1cmUgU2l0ZSBDQTAeFw0yMjA1MTcwMDAwMDBaFw0y
MjA4MTUyMzU5NTlaMCMxITAfBgNVBAMTGG1vbml0b3IuZ3JpZ25hcmRwdXJlLmNv
bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI+Crg+dBOh6PrwzXCT9
cl+Y6owloLLhj4NB6GroB3jPLLYuHEu1fJysHxyU3nrLnM+nhys19Z1FTqAhntgq
K6l3DW1vicimLx3ILZCDRPWhfwpUkHeZh90OlK+PPPG0zYLXTp8yBqPIwMZ6AIzn
4EiXbJPsFs3DW+pzLlDPggZT39MajObupBT6ygsUg1DmBRbAOQA2SHKZ3wT/P/HB
wq407OtSXjrXKpTHwAEjz5FZpaOzSZujoYl01CvbJbOgSimuIaBBR+GFPmzr6C/C
XO0JN5GIxRFze0pkQWV/FtgXU1KbXPx2QGGLXZOQDGlfbj2Mexy95EPKELMXnjMo
1/ECAwEAAaOCAoMwggJ/MB8GA1UdIwQYMBaAFMjZeGii2Rlo1T1y3l8KPty1hoam
MB0GA1UdDgQWBBSFiVrK3E8TvEXzoMH7DSOx3h1gSzAOBgNVHQ8BAf8EBAMCBaAw
DAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYD
VR0gBEIwQDA0BgsrBgEEAbIxAQICTjAlMCMGCCsGAQUFBwIBFhdodHRwczovL3Nl
Y3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYgGCCsGAQUFBwEBBHwwejBLBggrBgEF
BQcwAoY/aHR0cDovL3plcm9zc2wuY3J0LnNlY3RpZ28uY29tL1plcm9TU0xSU0FE
b21haW5TZWN1cmVTaXRlQ0EuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vemVyb3Nz
bC5vY3NwLnNlY3RpZ28uY29tMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUARqVV
63X6kSAwtaKJafTzfREsQXS+/Um4havy/HD+bUcAAAGA0LBCLwAABAMARjBEAiBZ
kErj6NorZyxzYVnPB/A+WubBZK5HbyYB7deux0PU0gIgWvKJTkLE+Icp11wgo64N
/29TyRpfI6ft5lRVjUAV4gEAdgBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQ
YpYG9gAAAYDQsEH6AAAEAwBHMEUCICmrCJD+Md106iwOF+aZzQ0EGm07ijr9X2e6
ELRCn+AmAiEAmNtqZbRJQaHU3MyyFLCIOhOVKfCOPDCBjWVER8KE1LIwIwYDVR0R
BBwwGoIYbW9uaXRvci5ncmlnbmFyZHB1cmUuY29tMA0GCSqGSIb3DQEBDAUAA4IC
AQBwv9W1Zg+s7WpLU7yQNJ/sC05jJoMRNxHcVeosY4zNsT+auQ2K5z0MrqfNbIJx
KQJ/HdUAXvnC73cgeZASh8XBOylb344x6a2TXXs5w4gFt5hWITki7vc+u7p0My9t
TAjMwDNckLGHe2vztHcdY3AQsBardOgMRRYC/m1Ypyx6mhMmJ+cJsnICmfpJsEmr
8U5Gd6SV8HV8O/GWFfEm0gdDxCUq5YyhKaqLDFcqleoT28SlPx1WW7PrZMWskl/q
QRmha15rBr2EALGLbLK3DsG/Q1PjM0+HlfvPEq0PE0HiIM3s8SRQmR/dmU2Jvkhw
S6wjHS9/uZ6Jqxgkda6d53oAFlrvUQ6jU4Cy1Xwto+YG84gYcfQzvrowXVlToZC0
2k/tLmumPKb9D1f4TmgBwBAbGhl+B29lNiayY+jWp7oXW5PzhOwaeSMeRPkRxXCA
2AOyBwBWjIHJuo7+RUqWJm0jOR5byy1R3JS02zlLUeCyscEYxzrDfxcGd9LciIxH
m9JZUOAG8eIbyKmOJdSoYIaAMnMFxoUXsKe4xV9yoMJ+kbdn1SidD4WpWoF1BQSV
PyUvJrMtQvNsMvsQaFV4A2cqULwq0pt18bU5Ir25kDeK0pkjYXdbZRdAaLpqSjPW
jQBKJdmMnt3Dvy0HM/hRvfepka/YlvOzf3OY4aKNRjG55g==
-----END CERTIFICATE-----
1 s:/C=AT/O=ZeroSSL/CN=ZeroSSL RSA Domain Secure Site CA
i:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
-----BEGIN CERTIFICATE-----
MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
MTMwMDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBLMQswCQYDVQQGEwJBVDEQMA4GA1UE
ChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBSU0EgRG9tYWluIFNlY3VyZSBT
aXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAhmlzfqO1Mdgj
4W3dpBPTVBX1AuvcAyG1fl0dUnw/MeueCWzRWTheZ35LVo91kLI3DDVaZKW+TBAs
JBjEbYmMwcWSTWYCg5334SF0+ctDAsFxsX+rTDh9kSrG/4mp6OShubLaEIUJiZo4
t873TuSd0Wj5DWt3DtpAG8T35l/v+xrN8ub8PSSoX5Vkgw+jWf4KQtNvUFLDq8mF
WhUnPL6jHAADXpvs4lTNYwOtx9yQtbpxwSt7QJY1+ICrmRJB6BuKRt/jfDJF9Jsc
RQVlHIxQdKAJl7oaVnXgDkqtk2qddd3kCDXd74gv813G91z7CjsGyJ93oJIlNS3U
gFbD6V54JMgZ3rSmotYbz98oZxX7MKbtCm1aJ/q+hTv2YK1yMxrnfcieKmOYBbFD
hnW5O6RMA703dBK92j6XRN2EttLkQuujZgy+jXRKtaWMIlkNkWJmOiHmErQngHvt
iNkIcjJumq1ddFX4iaTI40a6zgvIBtxFeDs2RfcaH73er7ctNUUqgQT5rFgJhMmF
x76rQgB5OZUkodb5k2ex7P+Gu4J86bS15094UuYcV09hVeknmTh5Ex9CBKipLS2W
2wKBakf+aVYnNCU6S0nASqt2xrZpGC1v7v6DhuepyyJtn3qSV2PoBiU5Sql+aARp
wUibQMGm44gjyNDqDlVp+ShLQlUH9x8CAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaA
FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTI2XhootkZaNU9ct5fCj7c
tYaGpjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQIC
TjAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1
c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYG
CCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu
Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAVDwoIzQDV
ercT0eYqZjBNJ8VNWwVFlQOtZERqn5iWnEVaLZZdzxlbvz2Fx0ExUNuUEgYkIVM4
YocKkCQ7hO5noicoq/DrEYH5IuNcuW1I8JJZ9DLuB1fYvIHlZ2JG46iNbVKA3ygA
Ez86RvDQlt2C494qqPVItRjrz9YlJEGT0DrttyApq0YLFDzf+Z1pkMhh7c+7fXeJ
qmIhfJpduKc8HEQkYQQShen426S3H0JrIAbKcBCiyYFuOhfyvuwVCFDfFvrjADjd
4jX1uQXd161IyFRbm89s2Oj5oU1wDYz5sx+hoCuh6lSs+/uPuWomIq3y1GDFNafW
+LsHBU16lQo5Q2yh25laQsKRgyPmMpHJ98edm6y2sHUabASmRHxvGiuwwE25aDU0
2SAeepyImJ2CzB80YG7WxlynHqNhpE7xfC7PzQlLgmfEHdU+tHFeQazRQnrFkW2W
kqRGIq7cKRnyypvjPMkjeiV9lRdAM9fSJvsB3svUuu1coIG1xxI1yegoGM4r5QP4
RGIVvYaiI76C0djoSbQ/dkIUUXQuB8AL5jyH34g3BZaaXyvpmnV4ilppMXVAnAYG
ON51WhJ6W0xNdNJwzYASZYH+tmCWI+N60Gv2NNMGHwMZ7e9bXgzUCZH5FaBFDGR5
S9VWqHB73Q+OyIVvIbKYcSc2w/aSuFKGSA==
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=monitor.grignardpure.com
issuer=/C=AT/O=ZeroSSL/CN=ZeroSSL RSA Domain Secure Site CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4091 bytes and written 303 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-CHACHA20-POLY1305
Session-ID: 8560D91E3EB9CBA357DE7C2C4335412B78F89E6B358865B1D57FD4228D0A5AA8
Session-ID-ctx:
Master-Key: D74A477850C47F89E4A817221128584B44BB8AA6AD8F614529D45D64BCE073FD39A4A6EDDAB184C1CF8F3F04674416CB
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 86400 (seconds)
TLS session ticket:
0000 - 7e 3d c4 7f 77 f9 09 b6-c9 c3 5e 45 0f 7b d9 d9 ~=..w.....^E.{..
0010 - b1 5d c5 41 22 e0 09 3e-3a 69 ef c6 35 cd e1 c8 .].A"..>:i..5...
0020 - 8b 2e 0c a4 60 59 5b c7-73 a0 a4 31 7b d2 25 d5 ....`Y[.s..1{.%.
0030 - 8d 22 6b 47 52 5f 50 c4-17 25 17 02 49 d1 df 4a ."kGR_P..%..I..J
0040 - 92 db d4 ea 60 18 33 dd-58 72 3e 6b 49 90 16 e7 ....`.3.Xr>kI...
0050 - cb 3d 2c d2 30 77 d6 e8-ee fd 20 49 5c 80 2e b6 .=,.0w.... I\...
0060 - 9a e5 86 52 0b e0 b9 0e-0a 2b 4f c3 63 7c f0 7e ...R.....+O.c|.~
0070 - 26 b2 0f 3f 31 04 26 16-fd c0 6b fb 3b fc 7e 9c &..?1.&...k.;.~.
0080 - 0a 94 cc ef 5b 4b b1 dd-bc fc 8a 01 94 9a 11 66 ....[K.........f
0090 - 50 c8 81 16 36 59 f1 90-3d a4 2d 8c e5 fa 18 74 P...6Y..=.-....t
00a0 - 19 f9 df 28 2b e5 27 a3-3a 4b 13 bf a1 be ee fa ...(+.'.:K......
00b0 - f8 aa 3b b8 95 75 60 5c-94 6e 0a c0 3b 1d dd 09 ..;..u`\.n..;...
00c0 - c8 ad 22 71 64 ba 36 2f-70 68 fa 2e 29 87 7d df .."qd.6/ph..).}.
Start Time: 1656763022
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
DONE