Namecheap.com

SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname: Matches Common Name or/and SAN
Expired: No (280 days till expiration)
Public Key: We were unable to find any issues in the public key of end-entity certificate
Trusted: Yes, we were able to verify the certificate
Self-Signed: No, the end-entity certificate is not self-signed
Chain Issues: No, we were unable to detect any issues in the certificate chain sent by the server
Weak signatures: No, certificates sent by the server were not signed utilizing a weak hash function
OCSP Status: OCSP Responder returned "good" status for the end-entity certificate

DNS Information

Resolves To: 34.233.79.178
Reverse IP lookup: ec2-34-233-79-178.compute-1.amazonaws.com.
Nameserver: a3-66.akam.net.
Nameserver: a26-65.akam.net.
Nameserver: a8-67.akam.net.
Nameserver: a1-63.akam.net.
Nameserver: a9-64.akam.net.
Nameserver: a14-64.akam.net.

General Information

Common Name: state.gov
SANs: DNS:state.govDNS:pepfar.gov Total number of SANs: 2
Signature Algorithm: sha256WithRSAEncryption
Key Type: RSA
Key size: 2048 bits
Serial Number: 2d2b959329a4b7b4d08d17fb43dc967
Not Before: Aug 08, 2021 00:00:00 GMT
Not After: Sep 06, 2022 23:59:59 GMT
Number of certs: 4
Revocation Status: good
OCSP Stapling: Not Supported
Server: Apache
HSTS: max-age=31536000; preload
HPKP: Not Supported

Chain Information

Certificate # 1 - Common Name: state.gov

Decode this certificate for verbose information →
Subject Common Name state.gov
Issuer Common Name Amazon
Issuer Organization Amazon
Not Before: Aug 08, 2021 00:00:00 GMT
Not After: Sep 06, 2022 23:59:59 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 2d2b959329a4b7b4d08d17fb43dc967
SHA1 Fingerprint: 1C:A3:BD:E2:54:5E:24:AE:60:64:91:47:51:28:47:88:DB:CC:B9:68
MD5 Fingerprint: 40:02:96:78:7F:39:07:F1:69:F7:46:00:7A:5E:1D:71

Certificate # 2 - Common Name: Amazon

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name Amazon
Subject Organization Amazon
Issuer Common Name Amazon Root CA 1
Issuer Organization Amazon
Not Before: Oct 22, 2015 00:00:00 GMT
Not After: Oct 19, 2025 00:00:00 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 67f94578587e8ac77deb253325bbc998b560d
SHA1 Fingerprint: 91:7E:73:2D:33:0F:9A:12:40:4F:73:D8:BE:A3:69:48:B9:29:DF:FC
MD5 Fingerprint: EB:26:8E:55:D4:34:FE:BD:A3:6A:97:9A:44:65:4B:6D

Certificate # 3 - Common Name: Amazon Root CA 1

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name Amazon Root CA 1
Subject Organization Amazon
Issuer Common Name Starfield Services Root Certificate Authority - G2
Issuer Organization Starfield Technologies, Inc.
Not Before: May 25, 2015 12:00:00 GMT
Not After: Dec 31, 2037 01:00:00 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 67f944a2a27cdf3fac2ae2b01f908eeb9c4c6
SHA1 Fingerprint: 06:B2:59:27:C4:2A:72:16:31:C1:EF:D9:43:1E:64:8F:A6:2E:1E:39
MD5 Fingerprint: E8:65:A2:2A:AE:52:4D:26:86:9A:F0:44:8D:6F:D8:96

Certificate # 4 - Common Name: Starfield Services Root Certificate Authority - G2

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name Starfield Services Root Certificate Authority - G2
Subject Organization Starfield Technologies, Inc.
Issuer Organization Starfield Technologies, Inc.
Not Before: Sep 02, 2009 00:00:00 GMT
Not After: Jun 28, 2034 17:39:16 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: a70e4a4c3482b77f
SHA1 Fingerprint: 9E:99:A4:8A:99:60:B1:49:26:BB:7F:3B:02:E2:2D:A2:B0:AB:72:80
MD5 Fingerprint: C6:15:09:25:CF:EA:59:41:DD:C7:FF:2A:0A:50:66:92

OpenSSL Handshake

depth=2 C = US, O = Amazon, CN = Amazon Root CA 1
verify return:1
depth=1 C = US, O = Amazon, OU = Server CA 1B, CN = Amazon
verify return:1
depth=0 CN = state.gov
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
 0 s:/CN=state.gov
   i:/C=US/O=Amazon/OU=Server CA 1B/CN=Amazon
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgIQAtK5WTKaS3tNCNF/tD3JZzANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTA4MDgwMDAwMDBaFw0yMjA5MDYy
MzU5NTlaMBQxEjAQBgNVBAMTCXN0YXRlLmdvdjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLsWiV0nPV7UcdV++x7O7b03l5YOkJl7zybsRWVSeqltOUV
LTmmG3crV9E0tqBmyvcvmTlKRKGb4sonvmblRzyhsI8l9LHdagHVfoRBq2TAgAuj
91NwRqOfec6/eD5kwJ8A85PaEvVVXDsTyNd+2wrsPWbJc5TZjE1oouiZqxXhoA42
ECmCtuwjrN1TGfUXRk7HUBRvxXSz/TB+n8Yy4HhR74mvpMdnNEshKUtOIqiUImeP
K/FB1UBS0fK7Y1HImJp3GLIKTBcsVfvBNp2D36OSKYiGKckP0guMcSVvzpsqb3bP
uZUoYdgVFn1qRz96knBmg1zezQePw21jY08G/ZcCAwEAAaOCAuswggLnMB8GA1Ud
IwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBSP8Ht3PT1khFok
a++aq46CvvEOvDAgBgNVHREEGTAXgglzdGF0ZS5nb3aCCnBlcGZhci5nb3YwDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNV
HR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNvbS9z
Y2ExYi5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0G
CCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYI
KwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFi
LmNydDAMBgNVHRMBAf8EAjAAMIIBewYKKwYBBAHWeQIEAgSCAWsEggFnAWUAdQAp
eb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3HhAAAAXsjXxCSAAAEAwBGMEQC
IF0Bo3eTgs0iGYsQpJ1H5hHcTY3nhZyUM7kiKUA6XxqbAiA3eE2DdrI+H99LcUeK
i08BkkphdgEeBm6ofEQwex5GXAB1AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKa
Df7UiwXlAAABeyNfEJkAAAQDAEYwRAIgej7GOz3zR2dLLcPFwCatPiOmq6YLWrgp
U3TBM/PoVjsCIDcwLB/1ccjKBo1N8GZRu1LoaXNYNS9jBqXt7wSdyFEeAHUAQcjK
sd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF7I18QOwAABAMARjBEAiBs
iVwgIxNCz75VyTrqXYr6Q/z7iFETqBguxvjuhbpmeAIgDuqLYGH2qxzz1c/C5ts8
+AVgQrEpv4RDMbyRjyf7QwkwDQYJKoZIhvcNAQELBQADggEBACe8wot/qpdfIryw
YHL1uUWMDHAcEdnRL9KlPS7427/YbAdWhEKcWBQKf6k/rm1R5QXaV3ixmTACz5Ub
W+isRtCiXfhsX/Zsj/k4jMBuS1KJrlE0TUhAvOFAlf4I0KiSEQArQKgzhYks2YdI
kowsyeIsgksWF0CfvxZKbqmCW5VZf3q628GmmharLz2I/lfzyAYVmQY3rCMmHRUI
qafgjVDgwHZKki3wLEYPRXnRd2yJcra9YL9XAYgZ701iMq9DjFWIpQUPSSnRNZtH
bPUTv5mTVsnyKHvInJlBy827E+joPigpIO0LrNHl2aotBK1Npx2BIItVig9N0ZcD
+S2Rm9o=
-----END CERTIFICATE-----
 1 s:/C=US/O=Amazon/OU=Server CA 1B/CN=Amazon
   i:/C=US/O=Amazon/CN=Amazon Root CA 1
-----BEGIN CERTIFICATE-----
MIIESTCCAzGgAwIBAgITBn+UV4WH6Kx33rJTMlu8mYtWDTANBgkqhkiG9w0BAQsF
ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
b24gUm9vdCBDQSAxMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjEL
MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB
IDFCMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDCThZn3c68asg3Wuw6MLAd5tES6BIoSMzoKcG5blPVo+sDORrMd4f2AbnZ
cMzPa43j4wNxhplty6aUKk4T1qe9BOwKFjwK6zmxxLVYo7bHViXsPlJ6qOMpFge5
blDP+18x+B26A0piiQOuPkfyDyeR4xQghfj66Yo19V+emU3nazfvpFA+ROz6WoVm
B5x+F2pV8xeKNR7u6azDdU5YVX1TawprmxRC1+WsAYmz6qP+z8ArDITC2FMVy2fw
0IjKOtEXc/VfmtTFch5+AfGYMGMqqvJ6LcXiAhqG5TI+Dr0RtM88k+8XUBCeQ8IG
KuANaL7TiItKZYxK1MMuTJtV9IblAgMBAAGjggE7MIIBNzASBgNVHRMBAf8ECDAG
AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUWaRmBlKge5WSPKOUByeW
dFv5PdAwHwYDVR0jBBgwFoAUhBjMhTTsvAyUlC4IWZzHshBOCggwewYIKwYBBQUH
AQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5yb290Y2ExLmFtYXpvbnRy
dXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5yb290Y2ExLmFtYXpvbnRy
dXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3Js
LnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTEuY3JsMBMGA1UdIAQMMAow
CAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IBAQCFkr41u3nPo4FCHOTjY3NTOVI1
59Gt/a6ZiqyJEi+752+a1U5y6iAwYfmXss2lJwJFqMp2PphKg5625kXg8kP2CN5t
6G7bMQcT8C8xDZNtYTd7WPD8UZiRKAJPBXa30/AbwuZe0GaFEQ8ugcYQgSn+IGBI
8/LwhBNTZTUVEWuCUUBVV18YtbAiPq3yXqMB48Oz+ctBWuZSkbvkNodPLamkB2g1
upRyzQ7qDn1X8nn8N8V7YJ6y68AtkHcNSRAnpTitxBKjtKPISLMVCx7i4hncxHZS
yLyKQXhw2W2Xs0qLeC1etA+jTGDK4UfLeC0SF7FSi8o5LL21L8IzApar2pR/
-----END CERTIFICATE-----
 2 s:/C=US/O=Amazon/CN=Amazon Root CA 1
   i:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgITBn+USionzfP6wq4rAfkI7rnExjANBgkqhkiG9w0BAQsF
ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj
b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x
OzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1
dGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTEL
MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
jgSubJrIqg0CAwEAAaOCATEwggEtMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
BAQDAgGGMB0GA1UdDgQWBBSEGMyFNOy8DJSULghZnMeyEE4KCDAfBgNVHSMEGDAW
gBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEFBQcBAQRsMGowLgYIKwYBBQUH
MAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250cnVzdC5jb20wOAYIKwYBBQUH
MAKGLGh0dHA6Ly9jcnQucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY2Vy
MD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0
LmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsF
AAOCAQEAYjdCXLwQtT6LLOkMm2xF4gcAevnFWAu5CIw+7bMlPLVvUOTNNWqnkzSW
MiGpSESrnO09tKpzbeR/FoCJbM8oAxiDR3mjEH4wW6w7sGDgd9QIpuEdfF7Au/ma
eyKdpwAJfqxGF4PcnCZXmTA5YpaP7dreqsXMGz7KQ2hsVxa81Q4gLv7/wmpdLqBK
bRRYh5TmOTFffHPLkIhqhBGWJ6bt2YFGpn6jcgAKUj6DiAdjd4lpFw85hdKrCEVN
0FE6/V1dN2RMfjCyVSRCnTawXZwXgWHxyvkQAiSr6w10kY17RSlQOYiypok1JR4U
akcjMS9cmvqtmg5iUaQqqcT5NJ0hGA==
-----END CERTIFICATE-----
 3 s:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2
   i:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
-----BEGIN CERTIFICATE-----
MIIEdTCCA12gAwIBAgIJAKcOSkw0grd/MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIw
MAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
eTAeFw0wOTA5MDIwMDAwMDBaFw0zNDA2MjgxNzM5MTZaMIGYMQswCQYDVQQGEwJV
UzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UE
ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZp
ZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDDrEKvlO4vW+GZdfjohTsR8/
y8+fIBNtKTrID30892t2OGPZNmCom15cAICyL1l/9of5JUOG52kbUpqQ4XHj2C0N
Tm/2yEnZtvMaVq4rtnQU68/7JuMauh2WLmo7WJSJR1b/JaCTcFOD2oR0FMNnngRo
Ot+OQFodSk7PQ5E751bWAHDLUu57fa4657wx+UX2wmDPE1kCK4DMNEffud6QZW0C
zyyRpqbn3oUYSXxmTqM6bam17jQuug0DuDPfR+uxa40l2ZvOgdFFRjKWcIfeAg5J
Q4W2bHO7ZOphQazJ1FTfhy/HIrImzJ9ZVGif/L4qL8RVHHVAYBeFAlU5i38FAgMB
AAGjgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0O
BBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMB8GA1UdIwQYMBaAFL9ft9HO3R+G9FtV
rNzXEMIOqYjnME8GCCsGAQUFBwEBBEMwQTAcBggrBgEFBQcwAYYQaHR0cDovL28u
c3MyLnVzLzAhBggrBgEFBQcwAoYVaHR0cDovL3guc3MyLnVzL3guY2VyMCYGA1Ud
HwQfMB0wG6AZoBeGFWh0dHA6Ly9zLnNzMi51cy9yLmNybDARBgNVHSAECjAIMAYG
BFUdIAAwDQYJKoZIhvcNAQELBQADggEBACMd44pXyn3pF3lM8R5V/cxTbj5HD9/G
VfKyBDbtgB9TxF00KGu+x1X8Z+rLP3+QsjPNG1gQggL4+C/1E2DUBc7xgQjB3ad1
l08YuW3e95ORCLp+QCztweq7dp4zBncdDQh/U90bZKuCJ/Fp1U1ervShw3WnWEQt
8jxwmKy6abaVd38PMV4s/KCHOkdp8Hlf9BRUpJVeEXgSYCfOn8J3/yNTd126/+pZ
59vPr5KW7ySaNRB6nJHGDn2Z9j8Z3/VyVOEVqQdZe4O/Ui5GjLIAZHYcSNPYeehu
VsyuLAOQ1xk4meTKCRlb/weWsKh/NEnfVqn3sF/tM+2MR7cwA130A4w=
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=state.gov
issuer=/C=US/O=Amazon/OU=Server CA 1B/CN=Amazon
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 5401 bytes and written 329 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 
    Session-ID-ctx: 
    Master-Key: 0AB5EE2384D2478B609F37ABEA94D3AEF69E90B0C60F8058DC94217FC06535CDBA1316D1B7893D08CC9A436FD29E34AA
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1638249001
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---
DONE