Namecheap.com
SSL Checker SSL & CSR Decoder CSR Generator SSL Converter

SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname: Matches Common Name or/and SAN
Expired: No (72 days till expiration)
Public Key: We were unable to find any issues in the public key of end-entity certificate
Trusted: Yes, we were able to verify the certificate
Self-Signed: No, the end-entity certificate is not self-signed
Chain Issues: No, we were unable to detect any issues in the certificate chain sent by the server
Weak signatures: No, certificates sent by the server were not signed utilizing a weak hash function
OCSP Status: OCSP Responder returned "good" status for the end-entity certificate

DNS Information

Resolves To: 34.233.79.178
Reverse IP lookup: ec2-34-233-79-178.compute-1.amazonaws.com.
Nameserver: a1-63.akam.net.
Nameserver: a14-64.akam.net.
Nameserver: a3-66.akam.net.
Nameserver: a8-67.akam.net.
Nameserver: a9-64.akam.net.
Nameserver: a26-65.akam.net.

General Information

Common Name: state.gov
SANs: DNS:state.govDNS:pepfar.gov Total number of SANs: 2
Signature Algorithm: sha256WithRSAEncryption
Key Type: RSA
Key size: 2048 bits
Serial Number: e5a85532dd1ab2afd3dc6a36a98b672
Not Before: Jun 09, 2023 00:00:00 GMT
Not After: Jul 07, 2024 23:59:59 GMT
Number of certs: 4
Revocation Status: good
OCSP Stapling: Not Supported
Server: Apache
HSTS: max-age=31536000; preload
HPKP: Not Supported

Chain Information

Certificate # 1 - Common Name: state.gov

Decode this certificate for verbose information →
Subject Common Name state.gov
Issuer Common Name Amazon RSA 2048 M02
Issuer Organization Amazon
Not Before: Jun 09, 2023 00:00:00 GMT
Not After: Jul 07, 2024 23:59:59 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: e5a85532dd1ab2afd3dc6a36a98b672
SHA1 Fingerprint: 71:A3:58:5B:74:8E:4F:62:1B:F4:3D:2D:B1:1E:90:4C:47:26:07:E2
MD5 Fingerprint: FF:A4:CC:A0:12:81:95:A6:A8:85:CB:B6:7F:3A:CD:8C

Certificate # 2 - Common Name: Amazon RSA 2048 M02

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name Amazon RSA 2048 M02
Subject Organization Amazon
Issuer Common Name Amazon Root CA 1
Issuer Organization Amazon
Not Before: Aug 23, 2022 22:25:30 GMT
Not After: Aug 23, 2030 22:25:30 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 773124a4bcbd44ec7b53beaf194842d3a0fa1
SHA1 Fingerprint: 41:4A:20:60:B7:38:C6:35:CC:7F:C2:43:E0:52:61:55:92:83:0C:53
MD5 Fingerprint: 11:32:62:79:2F:3A:49:1C:D7:C5:F8:B2:3B:DD:54:F0

Certificate # 3 - Common Name: Amazon Root CA 1

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name Amazon Root CA 1
Subject Organization Amazon
Issuer Common Name Starfield Services Root Certificate Authority - G2
Issuer Organization Starfield Technologies, Inc.
Not Before: May 25, 2015 12:00:00 GMT
Not After: Dec 31, 2037 01:00:00 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 67f944a2a27cdf3fac2ae2b01f908eeb9c4c6
SHA1 Fingerprint: 06:B2:59:27:C4:2A:72:16:31:C1:EF:D9:43:1E:64:8F:A6:2E:1E:39
MD5 Fingerprint: E8:65:A2:2A:AE:52:4D:26:86:9A:F0:44:8D:6F:D8:96

Certificate # 4 - Common Name: Starfield Services Root Certificate Authority - G2

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name Starfield Services Root Certificate Authority - G2
Subject Organization Starfield Technologies, Inc.
Issuer Organization Starfield Technologies, Inc.
Not Before: Sep 02, 2009 00:00:00 GMT
Not After: Jun 28, 2034 17:39:16 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: a70e4a4c3482b77f
SHA1 Fingerprint: 9E:99:A4:8A:99:60:B1:49:26:BB:7F:3B:02:E2:2D:A2:B0:AB:72:80
MD5 Fingerprint: C6:15:09:25:CF:EA:59:41:DD:C7:FF:2A:0A:50:66:92

OpenSSL Handshake

depth=2 C = US, O = Amazon, CN = Amazon Root CA 1
verify return:1
depth=1 C = US, O = Amazon, CN = Amazon RSA 2048 M02
verify return:1
depth=0 CN = state.gov
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
 0 s:CN = state.gov
   i:C = US, O = Amazon, CN = Amazon RSA 2048 M02
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIQDlqFUy3Rqyr9Pcajapi2cjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDYwOTAwMDAwMFoXDTI0MDcwNzIzNTk1OVowFDES
MBAGA1UEAxMJc3RhdGUuZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuF8D4vmZcQvM5HVXgrUyZ5b3v1V8urZr0RvsoJPT7Q1qPWgMCgmHo4UAU1Ks
nNS59R1E0W7GpSfLiKUKvFYdVOj2L7X2R770EF7W9bnFEMSPVXjY7laUW6tehPe7
hnuDCylpRjQHz6IoJ/2+pr163884m3AiAOxkJ+Io4ndsKgqhsSA+xWBHrgOOFj71
2HrppdcjXkJChAVlriYcdTbMl1NposjYGI5TfZ5+ttNKRvTD/bgVDc8QYiW/bwfi
DXkTAxWqr4lLjVp0nMYaomT/nRnHKUCUeSBNuOwhUDvqa8YjC2e5hy0vMUVfa+Zk
M7HTLLs0mQjnH/6CsNj4Xs0YQQIDAQABo4IC7TCCAukwHwYDVR0jBBgwFoAUwDFS
zVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFEmzPwepV9894W/ARUrk/9+71/x+
MCAGA1UdEQQZMBeCCXN0YXRlLmdvdoIKcGVwZmFyLmdvdjAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAu
oCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNybDAT
BgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG
IWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq
aHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1Ud
EwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AO7N0GTV2xrOxVy3
nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiJ5eaJkAAAQDAEcwRQIgGIg+gq+Zu2jf
HIwlg7IL/7m2cx7DeiiWzvzv8MUsvZ0CIQD0RhkY7Ag6GdgzT+/ri1UAUH7KjHpl
mevZ5P/iwx0e+AB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAAB
iJ5eaK8AAAQDAEYwRAIgF+ERn/dt469MCGlXrx1A2ZOd+yJN7GV8ySYYIqSi9A4C
IETmzjbR1xJPA5HWUcU2Pnggyxu6g2HVEiXKkDwc8utyAHYA2ra/az+1tiKfm8K7
XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGInl5oiAAABAMARzBFAiBLkiYQDkik4lgn
vjehsQmepF9/J/lkFWH1cvZvWJQcTQIhAKruV+Z34H84/qAmqs2vhWfoJsMpIU/g
7QSEK53Y9V5iMA0GCSqGSIb3DQEBCwUAA4IBAQCe7q1ei5Er4mG69v5l/61OT6oz
tm9dxvrUk1NelxpWUoKlTBnTsNxjGdWCSuS1SogRVaIghgqE2HM31kR52W9Bk1xT
7SQfNpQdMEDF2eb/WqnuMYnOh/OrN+fWNF0d3/BHE1IPfTA+YNVbFmd6IYaLxIjo
0CQoo8dLOyy/SxOOMM/EsqR7xRzeFTapjAFevj5yPHUG3IkesaTe2npYXCu0emiK
UqJGDfmiIMf4rCtx4p/btMY5bies/kS1po3MZpZ0BgqC+VUWzp4jWL2qDi/Rw/87
PI+bUpSmqu2CCpQv/weSNGTnAJG2kKub4TBB+XhbzfwAP7t4zCtR5O4YfZk4
-----END CERTIFICATE-----
 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M02
   i:C = US, O = Amazon, CN = Amazon Root CA 1
-----BEGIN CERTIFICATE-----
MIIEXjCCA0agAwIBAgITB3MSSkvL1E7HtTvq8ZSELToPoTANBgkqhkiG9w0BAQsF
ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
b24gUm9vdCBDQSAxMB4XDTIyMDgyMzIyMjUzMFoXDTMwMDgyMzIyMjUzMFowPDEL
MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEcMBoGA1UEAxMTQW1hem9uIFJT
QSAyMDQ4IE0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtDGMZa
qHneKei1by6+pUPPLljTB143Si6VpEWPc6mSkFhZb/6qrkZyoHlQLbDYnI2D7hD0
sdzEqfnuAjIsuXQLG3A8TvX6V3oFNBFVe8NlLJHvBseKY88saLwufxkZVwk74g4n
WlNMXzla9Y5F3wwRHwMVH443xGz6UtGSZSqQ94eFx5X7Tlqt8whi8qCaKdZ5rNak
+r9nUThOeClqFd4oXych//Rc7Y0eX1KNWHYSI1Nk31mYgiK3JvH063g+K9tHA63Z
eTgKgndlh+WI+zv7i44HepRZjA1FYwYZ9Vv/9UkC5Yz8/yU65fgjaE+wVHM4e/Yy
C2osrPWE7gJ+dXMCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYD
VR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV
HQ4EFgQUwDFSzVpQw4J8dHHOy+mc+XrrguIwHwYDVR0jBBgwFoAUhBjMhTTsvAyU
lC4IWZzHshBOCggwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8v
b2NzcC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDov
L2NydC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8E
ODA2MDSgMqAwhi5odHRwOi8vY3JsLnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jv
b3RjYTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IB
AQAtTi6Fs0Azfi+iwm7jrz+CSxHH+uHl7Law3MQSXVtR8RV53PtR6r/6gNpqlzdo
Zq4FKbADi1v9Bun8RY8D51uedRfjsbeodizeBB8nXmeyD33Ep7VATj4ozcd31YFV
fgRhvTSxNrrTlNpWkUk0m3BMPv8sg381HhA6uEYokE5q9uws/3YkKqRiEz3TsaWm
JqIRZhMbgAfp7O7FUwFIb7UIspogZSKxPIWJpxiPo3TcBambbVtQOcNRWz5qCQdD
slI2yayq0n2TXoHyNCLEH8rpsJRVILFsg0jc7BaFrMnF462+ajSehgj12IidNeRN
4zl+EoNaWdpnWndvSpAEkq2P
-----END CERTIFICATE-----
 2 s:C = US, O = Amazon, CN = Amazon Root CA 1
   i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgITBn+USionzfP6wq4rAfkI7rnExjANBgkqhkiG9w0BAQsF
ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj
b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x
OzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1
dGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTEL
MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
jgSubJrIqg0CAwEAAaOCATEwggEtMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
BAQDAgGGMB0GA1UdDgQWBBSEGMyFNOy8DJSULghZnMeyEE4KCDAfBgNVHSMEGDAW
gBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEFBQcBAQRsMGowLgYIKwYBBQUH
MAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250cnVzdC5jb20wOAYIKwYBBQUH
MAKGLGh0dHA6Ly9jcnQucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY2Vy
MD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0
LmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsF
AAOCAQEAYjdCXLwQtT6LLOkMm2xF4gcAevnFWAu5CIw+7bMlPLVvUOTNNWqnkzSW
MiGpSESrnO09tKpzbeR/FoCJbM8oAxiDR3mjEH4wW6w7sGDgd9QIpuEdfF7Au/ma
eyKdpwAJfqxGF4PcnCZXmTA5YpaP7dreqsXMGz7KQ2hsVxa81Q4gLv7/wmpdLqBK
bRRYh5TmOTFffHPLkIhqhBGWJ6bt2YFGpn6jcgAKUj6DiAdjd4lpFw85hdKrCEVN
0FE6/V1dN2RMfjCyVSRCnTawXZwXgWHxyvkQAiSr6w10kY17RSlQOYiypok1JR4U
akcjMS9cmvqtmg5iUaQqqcT5NJ0hGA==
-----END CERTIFICATE-----
 3 s:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2
   i:C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority
-----BEGIN CERTIFICATE-----
MIIEdTCCA12gAwIBAgIJAKcOSkw0grd/MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIw
MAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
eTAeFw0wOTA5MDIwMDAwMDBaFw0zNDA2MjgxNzM5MTZaMIGYMQswCQYDVQQGEwJV
UzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UE
ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZp
ZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDDrEKvlO4vW+GZdfjohTsR8/
y8+fIBNtKTrID30892t2OGPZNmCom15cAICyL1l/9of5JUOG52kbUpqQ4XHj2C0N
Tm/2yEnZtvMaVq4rtnQU68/7JuMauh2WLmo7WJSJR1b/JaCTcFOD2oR0FMNnngRo
Ot+OQFodSk7PQ5E751bWAHDLUu57fa4657wx+UX2wmDPE1kCK4DMNEffud6QZW0C
zyyRpqbn3oUYSXxmTqM6bam17jQuug0DuDPfR+uxa40l2ZvOgdFFRjKWcIfeAg5J
Q4W2bHO7ZOphQazJ1FTfhy/HIrImzJ9ZVGif/L4qL8RVHHVAYBeFAlU5i38FAgMB
AAGjgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0O
BBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMB8GA1UdIwQYMBaAFL9ft9HO3R+G9FtV
rNzXEMIOqYjnME8GCCsGAQUFBwEBBEMwQTAcBggrBgEFBQcwAYYQaHR0cDovL28u
c3MyLnVzLzAhBggrBgEFBQcwAoYVaHR0cDovL3guc3MyLnVzL3guY2VyMCYGA1Ud
HwQfMB0wG6AZoBeGFWh0dHA6Ly9zLnNzMi51cy9yLmNybDARBgNVHSAECjAIMAYG
BFUdIAAwDQYJKoZIhvcNAQELBQADggEBACMd44pXyn3pF3lM8R5V/cxTbj5HD9/G
VfKyBDbtgB9TxF00KGu+x1X8Z+rLP3+QsjPNG1gQggL4+C/1E2DUBc7xgQjB3ad1
l08YuW3e95ORCLp+QCztweq7dp4zBncdDQh/U90bZKuCJ/Fp1U1ervShw3WnWEQt
8jxwmKy6abaVd38PMV4s/KCHOkdp8Hlf9BRUpJVeEXgSYCfOn8J3/yNTd126/+pZ
59vPr5KW7ySaNRB6nJHGDn2Z9j8Z3/VyVOEVqQdZe4O/Ui5GjLIAZHYcSNPYeehu
VsyuLAOQ1xk4meTKCRlb/weWsKh/NEnfVqn3sF/tM+2MR7cwA130A4w=
-----END CERTIFICATE-----
---
Server certificate
subject=CN = state.gov

issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M02

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 5485 bytes and written 384 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
DONE