Namecheap.com

SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname: Matches Common Name or/and SAN
Expired: No (73 days till expiration)
Public Key: We were unable to find any issues in the public key of end-entity certificate
Trusted: Yes, we were able to verify the certificate
Self-Signed: No, the end-entity certificate is not self-signed
Chain Issues: No, we were unable to detect any issues in the certificate chain sent by the server
Weak signatures: No, certificates sent by the server were not signed utilizing a weak hash function
OCSP Status: OCSP Responder returned "good" status for the end-entity certificate

DNS Information

Resolves To: 67.199.248.12
Reverse IP lookup: cname.bitly.com.
Nameserver: ns4-64.akam.net.
Nameserver: ns5-65.akam.net.
Nameserver: ns7-66.akam.net.
Nameserver: ns1-240.akam.net.

General Information

Common Name: mzl.la
SANs: DNS:mzl.la Total number of SANs: 1
Signature Algorithm: sha256WithRSAEncryption
Key Type: RSA
Key size: 2048 bits
Serial Number: 4db7c9282acba5d92144e0939a00689a558
Not Before: Mar 12, 2024 14:41:21 GMT
Not After: Jun 10, 2024 14:41:20 GMT
Number of certs: 2
Revocation Status: good
OCSP Stapling: Not Supported
Server: nginx
HSTS: max-age=1209600
HPKP: Not Supported

Chain Information

Certificate # 1 - Common Name: mzl.la

Decode this certificate for verbose information →
Subject Common Name mzl.la
Issuer Common Name R3
Issuer Organization Let's Encrypt
Not Before: Mar 12, 2024 14:41:21 GMT
Not After: Jun 10, 2024 14:41:20 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 4db7c9282acba5d92144e0939a00689a558
SHA1 Fingerprint: 63:AC:FB:04:43:2F:9C:BC:88:C5:AF:53:C0:35:B2:29:21:13:79:C5
MD5 Fingerprint: 6E:0B:71:AB:9D:72:73:15:6D:33:3C:46:58:23:23:98

Certificate # 2 - Common Name: R3

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name R3
Subject Organization Let's Encrypt
Issuer Common Name ISRG Root X1
Issuer Organization Internet Security Research Group
Not Before: Sep 04, 2020 00:00:00 GMT
Not After: Sep 15, 2025 16:00:00 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 912b084acf0c18a753f6d62e25a75f5a
SHA1 Fingerprint: A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05
MD5 Fingerprint: E8:29:E6:5D:7C:43:07:D6:FB:C1:3C:17:9E:03:7A:36

OpenSSL Handshake

depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = mzl.la
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
 0 s:CN = mzl.la
   i:C = US, O = Let's Encrypt, CN = R3
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgISBNt8koKsul2SFE4JOaAGiaVYMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMTIxNDQxMjFaFw0yNDA2MTAxNDQxMjBaMBExDzANBgNVBAMT
Bm16bC5sYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKiZx7KkVgKB
XhYXEJ9ChTYSVBKiySggObKqYZjgp47qAAyaEG7u14cGW9dktAXauhFjmZKrIGWa
4fHCAye6Yy7ZIEY0sF0Pr7LdJ6SVYxngpXFD3XTWt02oy55MHOJBQD7b8xAOBmvq
FqtvaNqj+I3g0FYbf++rAsZ8ywrSs6ubezxNVf4y3g+WQ9ydOYQ4Tcuk5ZHqY3m5
BlBTwWleJNdW4cNj0w6Ya7pXxOqzrMfzdZKMzwKXCi5e+Nur/1MwZ0kKd6flPCcU
CxsQGEOKwD6vu7it6fnrwBseO3AZCJArlH0btow2XSl/21XpPpdnqi1LIq/0OlfN
4UjdI1r8OnECAwEAAaOCAgYwggICMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU8cae
bSi2RBqJS1griK6OEFrTUaEwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU
wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j
ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wEQYDVR0R
BAowCIIGbXpsLmxhMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAgYKKwYBBAHWeQIE
AgSB8wSB8ADuAHUASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGO
M1NPNQAABAMARjBEAiBzlE2nvgtkb+1c8BXkDyU6in/xlyYbWsXqS+Yg6aVBrgIg
OqKQlTQHVNsVJmEgmLHWV7i6Ps0IQ5nZlKiJLg2+Yf0AdQCi4r/WHt4vLweg1k5t
N6fcZUOwxrUuotq3iviabfUX2AAAAY4zU089AAAEAwBGMEQCICMK06Aeraq8Y12Z
Eveb1sJnV9/3Dsgo2AbqnqKy8gMCAiBdcRcSOcjgbFaGAE0YpQcGnkouQPbBFm1P
P1UAuxqHYzANBgkqhkiG9w0BAQsFAAOCAQEArKcQM28Etu7K4zpU6t5uPRYyzbmN
fHAlQIn2KG3V8zepEIIxqCH1g/Jh8OXi0iCyQyk32VjgLChE0XE1HoGJ7ulftHov
6wOhAd6FSv4JIZcaZiMvwWgQi86vThsVU1ud+sx0ruQ8WeM9uCBzKxIAk995ZKsI
JHn9irDMcv5SvyE7nwiz8hYEm/MAylXgVGn/yaklCdqPNP9D1VYm8jH4EUprFHnY
3mH0YocbGmcObXCXod937LvoWxes773y6nxE8GwpIN+/c1zA8QaJjJnr94fy3HC6
m93O3MeLChFeReqOVsZazZslxCtjq4NM9gpmVhPdrqUTB4xYnJ7r3pymGA==
-----END CERTIFICATE-----
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
---
Server certificate
subject=CN = mzl.la

issuer=C = US, O = Let's Encrypt, CN = R3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3094 bytes and written 381 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
DONE
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_128_GCM_SHA256
    Session-ID: 1E462359BC6BAEF58F4DF2876F5CDB542A6F123E0823F4EA9DB86D3C4809BE00
    Session-ID-ctx: 
    Resumption PSK: A7720ECA893A31B26D8C4F9F88EEB37246EE21405A3B4547441226A0FD8E0A70
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 604800 (seconds)
    TLS session ticket:
    0000 - 9d d6 f4 b0 46 4d 52 86-88 c4 88 b1 1b 63 e5 95   ....FMR......c..
    0010 - c6 b0 4d 30 9f 58 76 78-a4 44 66 50 d4 e8 57 62   ..M0.Xvx.DfP..Wb
    0020 - 33 5e c1 2c 86 af ce e6-49 41 11 e2 73 77 e8 be   3^.,....IA..sw..
    0030 - 15 bb f5 cb 69 22 3b fd-c3 65 a2 f5 57 e7 21 8d   ....i";..e..W.!.
    0040 - 22 e2 b0 90 0f 79 46 72-68 57 7b 4d ef 1e aa c9   "....yFrhW{M....
    0050 - 12 03 72 9b 95 73 1a 4a-18 e0 27 31 35 c3 2e 77   ..r..s.J..'15..w
    0060 - 5b 27 bf 05 b1 13 ca 94-17                        ['.......

    Start Time: 1711678949
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK