SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
It's all good. We have not detected any issues.
| Hostname: | done Matches Common Name or/and SAN |
| Expired: | done No (119 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| CNAME: | e118552.dscx.akamaiedge.net. |
| Resolves To: | 104.124.1.67 |
| Reverse IP lookup: | a104-124-1-67.deploy.static.akamaitechnologies.com. |
| Nameserver: | a11-67.akam.net. |
| Nameserver: | a12-64.akam.net. |
| Nameserver: | a1-236.akam.net. |
| Nameserver: | a6-65.akam.net. |
| Nameserver: | a9-67.akam.net. |
| Nameserver: | a8-66.akam.net. |
General Information
| Common Name: | kohls.com |
| SANs: | DNS:*.kohls.comDNS:crms.kohlsrewards.comDNS:csr.kohlsrewards.comDNS:k-lab.comDNS:kohls.comDNS:kohlscorporation.comDNS:kohlsgreen.comDNS:kohlsgreenscene.comDNS:kohlsrealestate.comDNS:kohlsrewards.comDNS:kohlssuppliers.comDNS:kohlstravel.comDNS:laurenconradrunway.comDNS:lclaurenconradrunway.comDNS:lcrunway.comDNS:m.kohlsrewards.comDNS:media.kohlsimg.comDNS:media1.kohlsimg.comDNS:media2.kohlsimg.comDNS:mykohlscard.comDNS:mykohlscharge.comDNS:offaisle.comDNS:video.kohlsimg.comDNS:www.k-lab.comDNS:www.kohlscorporation.comDNS:www.kohlsgreen.comDNS:www.kohlsgreenscene.comDNS:www.kohlsrealestate.comDNS:www.kohlsrewards.comDNS:www.kohlssuppliers.comDNS:www.kohlstravel.comDNS:www.laurenconradrunway.comDNS:www.lclaurenconradrunway.comDNS:www.lcrunway.comDNS:www.mykohlscard.comDNS:www.mykohlscharge.comDNS:www.offaisle.com Total number of SANs: 37 |
| Organization: | Kohl's, Inc. |
| Locality: | Aurora |
| Signature Algorithm: | sha256WithRSAEncryption |
| Key Type: | ECDSA (secp256r1) |
| Key size: | 256 bits |
| Serial Number: | 769238826e681c6e77cd46c163c9892 |
| Not Before: | Oct 29, 2021 00:00:00 GMT |
| Not After: | Oct 29, 2022 23:59:59 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Supported |
| Server: | Not Provided |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: kohls.com
Decode this certificate for verbose information → launch| Subject Common Name | kohls.com |
| Subject Organization | Kohl's, Inc. |
| Issuer Common Name | DigiCert SHA2 Secure Server CA |
| Issuer Organization | DigiCert Inc |
| Not Before: | Oct 29, 2021 00:00:00 GMT |
| Not After: | Oct 29, 2022 23:59:59 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 769238826e681c6e77cd46c163c9892 |
| SHA1 Fingerprint: | A8:AC:F3:A1:25:61:1D:E9:EA:25:7F:90:71:E6:A8:C2:59:AA:DC:A4 |
| MD5 Fingerprint: | 26:04:15:AD:3B:38:C3:22:9C:3D:DB:10:9C:11:2E:5C |
Certificate # 2 - Common Name: DigiCert SHA2 Secure Server CA
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | DigiCert SHA2 Secure Server CA |
| Subject Organization | DigiCert Inc |
| Issuer Common Name | DigiCert Global Root CA |
| Issuer Organization | DigiCert Inc |
| Not Before: | Mar 08, 2013 12:00:00 GMT |
| Not After: | Mar 08, 2023 12:00:00 GMT |
| Signature Algorithm: | sha256WithRSAEncryption |
| Serial Number: | 1fda3eb6eca75c888438b724bcfbc91 |
| SHA1 Fingerprint: | 1F:B8:6B:11:68:EC:74:31:54:06:2E:8C:9C:C5:B1:71:A4:B7:CC:B4 |
| MD5 Fingerprint: | 34:5E:FF:15:B7:A4:9A:DD:45:1B:65:A7:F4:BD:C6:AE |
OpenSSL Handshake
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA
verify return:1
depth=0 C = US, ST = Illinois, L = Aurora, O = "Kohl's, Inc.", CN = kohls.com
verify return:1
CONNECTED(00000003)
OCSP response:
======================================
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: 0F80611C823161D52F28E78D4638B42CE1C6D9E2
Produced At: Jun 29 16:13:00 2022 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: 105FA67A80089DB5279F35CE830B43889EA3C70D
Issuer Key Hash: 0F80611C823161D52F28E78D4638B42CE1C6D9E2
Serial Number: 0769238826E681C6E77CD46C163C9892
Cert Status: good
This Update: Jun 29 15:57:01 2022 GMT
Next Update: Jul 6 15:12:01 2022 GMT
Signature Algorithm: sha256WithRSAEncryption
86:97:cb:df:3e:fd:04:db:f8:6d:91:19:ad:6b:10:45:0b:70:
a2:72:54:1c:59:02:fd:41:64:bc:65:d6:fe:77:9b:ec:4c:55:
e2:2a:f4:b3:e8:e8:1e:3b:bc:e8:fd:b0:64:dd:2a:e4:f7:83:
ec:aa:a3:1d:36:d7:cf:7d:0e:15:d0:91:ad:18:67:d9:65:a9:
de:b3:71:79:8b:87:9e:fe:c7:fa:44:e3:16:61:41:20:87:de:
fe:8d:1b:22:c6:ac:5b:b4:20:7e:e4:97:c4:cb:e9:5b:64:51:
7c:bd:2f:2d:bc:d0:05:fa:0e:08:e9:e5:59:29:cd:f7:f2:4f:
d1:06:03:b7:c1:e4:7f:64:5b:93:86:52:28:af:fc:a8:14:92:
61:ad:02:1a:24:27:a1:9d:a3:5c:33:10:29:62:48:5e:13:00:
70:07:8b:14:b9:c6:6c:c8:4c:b4:79:c6:4d:9d:65:ca:9f:99:
67:c7:1d:70:06:f9:23:bc:7e:36:ca:3d:a4:d9:e9:ee:12:6b:
73:68:e3:0d:6f:ca:27:0e:ea:62:da:1d:1f:5b:5f:55:ce:97:
e8:d1:b1:bc:5c:26:23:b3:be:81:0f:82:e0:c3:c0:cc:34:86:
3a:2a:6e:34:63:d5:57:31:27:44:31:eb:66:13:f4:dd:a8:23:
ac:9d:12:5a
======================================
---
Certificate chain
0 s:/C=US/ST=Illinois/L=Aurora/O=Kohl's, Inc./CN=kohls.com
i:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
-----BEGIN CERTIFICATE-----
MIIIljCCB36gAwIBAgIQB2kjiCbmgcbnfNRsFjyYkjANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjExMDI5MDAwMDAwWhcN
MjIxMDI5MjM1OTU5WjBcMQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMx
DzANBgNVBAcTBkF1cm9yYTEVMBMGA1UEChMMS29obCdzLCBJbmMuMRIwEAYDVQQD
Ewlrb2hscy5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARlByHPcYb4H6RI
sWL+h/z+ZBhukepjs8qG646akCXh4QbDZtpvww0RaLDxyjrM1s1xWLPMjY08gqMZ
U8RkMqMjo4IGLDCCBigwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIw
HQYDVR0OBBYEFPorT6JuGZLwLeZsUm1eQQDmKsJCMIIC+AYDVR0RBIIC7zCCAuuC
Cyoua29obHMuY29tghVjcm1zLmtvaGxzcmV3YXJkcy5jb22CFGNzci5rb2hsc3Jl
d2FyZHMuY29tgglrLWxhYi5jb22CCWtvaGxzLmNvbYIUa29obHNjb3Jwb3JhdGlv
bi5jb22CDmtvaGxzZ3JlZW4uY29tghNrb2hsc2dyZWVuc2NlbmUuY29tghNrb2hs
c3JlYWxlc3RhdGUuY29tghBrb2hsc3Jld2FyZHMuY29tghJrb2hsc3N1cHBsaWVy
cy5jb22CD2tvaGxzdHJhdmVsLmNvbYIWbGF1cmVuY29ucmFkcnVud2F5LmNvbYIY
bGNsYXVyZW5jb25yYWRydW53YXkuY29tggxsY3J1bndheS5jb22CEm0ua29obHNy
ZXdhcmRzLmNvbYISbWVkaWEua29obHNpbWcuY29tghNtZWRpYTEua29obHNpbWcu
Y29tghNtZWRpYTIua29obHNpbWcuY29tgg9teWtvaGxzY2FyZC5jb22CEW15a29o
bHNjaGFyZ2UuY29tggxvZmZhaXNsZS5jb22CEnZpZGVvLmtvaGxzaW1nLmNvbYIN
d3d3LmstbGFiLmNvbYIYd3d3LmtvaGxzY29ycG9yYXRpb24uY29tghJ3d3cua29o
bHNncmVlbi5jb22CF3d3dy5rb2hsc2dyZWVuc2NlbmUuY29tghd3d3cua29obHNy
ZWFsZXN0YXRlLmNvbYIUd3d3LmtvaGxzcmV3YXJkcy5jb22CFnd3dy5rb2hsc3N1
cHBsaWVycy5jb22CE3d3dy5rb2hsc3RyYXZlbC5jb22CGnd3dy5sYXVyZW5jb25y
YWRydW53YXkuY29tghx3d3cubGNsYXVyZW5jb25yYWRydW53YXkuY29tghB3d3cu
bGNydW53YXkuY29tghN3d3cubXlrb2hsc2NhcmQuY29tghV3d3cubXlrb2hsc2No
YXJnZS5jb22CEHd3dy5vZmZhaXNsZS5jb20wDgYDVR0PAQH/BAQDAgeAMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBvBgNVHR8EaDBmMDGgL6AthitodHRw
Oi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LTEuY3JsMDGgL6Athito
dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LTEuY3JsMD4GA1Ud
IAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNl
cnQuY29tL0NQUzB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9v
Y3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGln
aWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMB
Af8EAjAAMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdQApeb7wnjk5IfBWc59j
pXflvld9nGAK+PlNXSZcJV3HhAAAAXzNvuWxAAAEAwBGMEQCICNd3lHQYMFRc5aQ
/Vw1saW7xvACYACKVfaM2FYY58aTAiBTWLOvy1Dfwc0oo907KplwVwaLYZM3HKqq
FMY+qnqhcwB1AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABfM2+
5hgAAAQDAEYwRAIhANWtUyAbYCtD0t3Fto3i3zjBCctOLYX621hnONNbFFRWAh8D
R8BT7xYiSMGIE1Y9HulEXhUTrtOVmnAeNQWsppFmAHYAQcjKsd8iRkoQxqE6CUKH
Xk4xixsD6+tLx2jwkGKWBvYAAAF8zb7l6gAABAMARzBFAiBESASbUmAAiD8P6Mks
AkC6Zj3OQoLqNbfUyyFFocYWiwIhAIK2Zrk5Bn7m/DS/5U5iR/JlAWNktRk+BYqF
3XBPQeSPMA0GCSqGSIb3DQEBCwUAA4IBAQCMyc8IyHtAJEyhyKnHdAjr/pdln1zt
HgzsvQqTywSmI5SsQ/nFSk7zPDecZPoIw9emWeZ49Q9/qGeAfV0Y1SvrW3cDnWk1
wHAIuUrohvLXJg+KR0KzPEpquH89svcPVwXnNtk2Rqrndu8AJnwviQnxlYjzRuwu
IgOxvHK+CJQ+3h8hSFQbB6hqW4mxu3Uoqk9qmKdhqxIL3Lu9ddwfi37/BL8t8bFw
5N59qwm7q9uOeaR59nQfGHWB27rw8nn6r+cEWSY8U1Lck5OGeZvhASWFxFFg1kBr
0wLxmOuLlQFNH1T5jO4fIjtHTD71ISSvLMPiU/LcQn8XsYt8o4YfE+OM
-----END CERTIFICATE-----
1 s:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
-----BEGIN CERTIFICATE-----
MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg
U2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83
nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd
KpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f
/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX
kujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0
/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C
AQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY
aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6
Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1
oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD
QS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v
d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh
xtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB
CwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl
5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA
8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC
2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit
c+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0
j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz
-----END CERTIFICATE-----
---
Server certificate
subject=/C=US/ST=Illinois/L=Aurora/O=Kohl's, Inc./CN=kohls.com
issuer=/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4374 bytes and written 336 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-ECDSA-AES256-GCM-SHA384
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES256-GCM-SHA384
Session-ID: 30D06E6449E42464933E64ADF62D1E5850EBA7111399E1CB51F7012E1676E233
Session-ID-ctx:
Master-Key: CBAF8BE761571C7BF165CD3F8BBA4D34C8B94993F127F68BC237DB0251E1D465AC643CA5EDEE820BCC6308E6D729CACC
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 83100 (seconds)
TLS session ticket:
0000 - 00 01 cf 18 b9 88 6e a2-33 4f 4c 19 c7 a1 02 c6 ......n.3OL.....
0010 - 0d ae 4e c1 77 08 de f5-f1 7f 80 86 13 f3 a3 c7 ..N.w...........
0020 - f2 b4 9a a3 ed e9 d1 88-aa 40 56 c8 62 ee 8e 5a .........@V.b..Z
0030 - c8 43 23 b1 0b fb 3d 96-5d aa 70 3f 5b 4b fb 7d .C#...=.].p?[K.}
0040 - 99 02 80 51 ba 09 36 2e-e4 a4 05 92 f8 44 8f 00 ...Q..6......D..
0050 - 26 c1 8b 7b 82 25 7b 19-98 b7 10 b3 fb 4a 33 a8 &..{.%{......J3.
0060 - 30 d4 ad f1 d3 42 67 1f-ed ed a7 7a 72 69 bf 81 0....Bg....zri..
0070 - 84 d6 42 5f 1d 9c eb b0-50 da f3 f4 c9 39 d1 78 ..B_....P....9.x
0080 - c6 ed 1a 41 d0 b2 22 4d-a4 84 05 73 32 e8 13 76 ...A.."M...s2..v
0090 - 42 f5 6e bb 37 c2 9e a0-25 65 69 ad 54 5a c3 b8 B.n.7...%ei.TZ..
00a0 - db 45 b0 a5 c7 4a 52 90-1f 50 b6 e1 17 45 00 c0 .E...JR..P...E..
00b0 - 61 e0 f4 38 97 fc 77 ca-ae 7b 4d fc b5 82 1a fc a..8..w..{M.....
Start Time: 1656761946
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
DONE