Namecheap.com
SSL Checker SSL & CSR Decoder CSR Generator SSL Converter

SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname: Matches Common Name or/and SAN
Expired: No (81 days till expiration)
Public Key: We were unable to find any issues in the public key of end-entity certificate
Trusted: Yes, we were able to verify the certificate
Self-Signed: No, the end-entity certificate is not self-signed
Chain Issues: No, we were unable to detect any issues in the certificate chain sent by the server
Weak signatures: No, certificates sent by the server were not signed utilizing a weak hash function
OCSP Status: OCSP Responder returned "good" status for the end-entity certificate

DNS Information

CNAME: e118552.dscx.akamaiedge.net.
Resolves To: 104.123.70.41
Reverse IP lookup: a104-123-70-41.deploy.static.akamaitechnologies.com.
Nameserver: a11-67.akam.net.
Nameserver: a6-65.akam.net.
Nameserver: a8-66.akam.net.
Nameserver: a9-67.akam.net.
Nameserver: a1-236.akam.net.
Nameserver: a12-64.akam.net.

General Information

Common Name: kohls.com
SANs: DNS:kohls.comDNS:*.kohls.comDNS:crms.kohlsrewards.comDNS:csr.kohlsrewards.comDNS:k-lab.comDNS:kohlscorporation.comDNS:kohlsgreen.comDNS:kohlsgreenscene.comDNS:kohlsrealestate.comDNS:kohlsrewards.comDNS:kohlssuppliers.comDNS:kohlstravel.comDNS:laurenconradrunway.comDNS:lclaurenconradrunway.comDNS:lcrunway.comDNS:m.kohlsrewards.comDNS:media1.kohlsimg.comDNS:media2.kohlsimg.comDNS:mykohlscard.comDNS:mykohlscharge.comDNS:offaisle.comDNS:video.kohlsimg.comDNS:www.k-lab.comDNS:www.kohlscorporation.comDNS:www.kohlsgreen.comDNS:www.kohlsgreenscene.comDNS:www.kohlsrealestate.comDNS:www.kohlsrewards.comDNS:www.kohlssuppliers.comDNS:www.kohlstravel.comDNS:www.laurenconradrunway.comDNS:www.lclaurenconradrunway.comDNS:www.lcrunway.comDNS:www.mykohlscard.comDNS:www.mykohlscharge.comDNS:www.offaisle.com Total number of SANs: 36
Organization: Kohl's, Inc.
Locality: Aurora
Signature Algorithm: sha256WithRSAEncryption
Key Type: ECDSA (secp256r1)
Key size: 256 bits
Serial Number: 846de929b97a19e7e3ac5f0b8f3ddcc
Not Before: Aug 16, 2022 00:00:00 GMT
Not After: Aug 18, 2023 23:59:59 GMT
Number of certs: 2
Revocation Status: good
OCSP Stapling: Supported
Server: Not Provided
HSTS: max-age=31536000 ; includeSubDomains
HPKP: Not Supported

Chain Information

Certificate # 1 - Common Name: kohls.com

Decode this certificate for verbose information →
Subject Common Name kohls.com
Subject Organization Kohl's, Inc.
Issuer Common Name DigiCert TLS RSA SHA256 2020 CA1
Issuer Organization DigiCert Inc
Not Before: Aug 16, 2022 00:00:00 GMT
Not After: Aug 18, 2023 23:59:59 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 846de929b97a19e7e3ac5f0b8f3ddcc
SHA1 Fingerprint: 56:48:B9:87:FE:0D:00:99:2A:46:D4:AB:12:71:27:B1:B6:0D:B0:A2
MD5 Fingerprint: 6B:B9:EE:42:7B:2D:4D:A2:9A:53:4D:86:A1:A7:3F:4A

Certificate # 2 - Common Name: DigiCert TLS RSA SHA256 2020 CA1

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name DigiCert TLS RSA SHA256 2020 CA1
Subject Organization DigiCert Inc
Issuer Common Name DigiCert Global Root CA
Issuer Organization DigiCert Inc
Not Before: Apr 14, 2021 00:00:00 GMT
Not After: Apr 13, 2031 23:59:59 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 6d8d904d5584346f68a2fa754227ec4
SHA1 Fingerprint: 1C:58:A3:A8:51:8E:87:59:BF:07:5B:76:B7:50:D4:F2:DF:26:4F:CD
MD5 Fingerprint: E6:7B:58:6F:70:46:BF:E0:AA:51:F6:66:0B:11:9D:D9

OpenSSL Handshake

depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1
verify return:1
depth=0 C = US, ST = Illinois, L = Aurora, O = "Kohl's, Inc.", CN = kohls.com
verify return:1
CONNECTED(00000003)
OCSP response: 
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: B76BA2EAA8AA848C79EAB4DA0F98B2C59576B9F4
    Produced At: May 28 17:36:54 2023 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: E4E395A229D3D4C1C31FF0980C0B4EC0098AABD8
      Issuer Key Hash: B76BA2EAA8AA848C79EAB4DA0F98B2C59576B9F4
      Serial Number: 0846DE929B97A19E7E3AC5F0B8F3DDCC
    Cert Status: good
    This Update: May 28 17:21:02 2023 GMT
    Next Update: Jun  4 16:36:02 2023 GMT

    Signature Algorithm: sha256WithRSAEncryption
         99:03:56:ad:ec:a8:e2:65:8c:26:c5:b4:3a:6f:ca:b8:15:da:
         cf:29:fb:49:9c:fb:dd:71:8a:60:5a:cf:09:b3:e7:c6:ee:c8:
         1b:1a:d5:3f:41:f3:67:35:41:2b:f8:52:af:9b:01:7c:b6:9f:
         b1:d6:0a:74:bd:f6:db:db:17:15:77:9e:3b:59:30:fe:c4:55:
         b1:25:91:b3:de:8f:81:53:a5:52:cf:32:3a:4d:ab:17:6d:6a:
         97:9f:a7:6a:57:ea:67:ee:2d:e1:4a:66:45:b2:f0:7a:63:56:
         8d:88:86:5a:bb:8a:68:a4:90:d0:4b:95:0b:35:c4:e5:2f:1e:
         c2:69:6b:6f:f0:57:a7:94:6b:1f:91:86:92:8b:03:d5:0d:df:
         39:2d:92:09:9f:bb:d4:57:d8:c7:0a:32:b0:e3:9c:01:23:e4:
         22:a7:98:34:bd:cc:5d:e0:9b:7b:df:be:62:22:fd:da:ef:2a:
         a1:5f:ee:9d:15:ef:53:3d:49:82:8e:8a:e9:33:1c:a2:38:ad:
         06:8a:b0:e6:84:75:58:ef:d0:e0:e1:21:09:62:a1:52:31:8d:
         98:7e:75:85:d3:9d:b0:a5:19:55:2b:5f:a5:e5:b5:a6:de:e0:
         2c:5d:29:02:9b:43:2d:23:50:57:47:0b:eb:cf:1b:b6:ac:65:
         d6:57:ad:e3
======================================
---
Certificate chain
 0 s:C = US, ST = Illinois, L = Aurora, O = "Kohl's, Inc.", CN = kohls.com
   i:C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1
-----BEGIN CERTIFICATE-----
MIIIpzCCB4+gAwIBAgIQCEbekpuXoZ5+OsXwuPPdzDANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjA4MTYwMDAwMDBa
Fw0yMzA4MTgyMzU5NTlaMFwxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhJbGxpbm9p
czEPMA0GA1UEBxMGQXVyb3JhMRUwEwYDVQQKEwxLb2hsJ3MsIEluYy4xEjAQBgNV
BAMTCWtvaGxzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJwHGhnqfizg
kXx4ngI/Fdd06o96AG9a378MWBhZbsASFo4L1Idbp4wyD5VEpQRV09ld3ty8A+hG
7lfg0EW2txSjggY7MIIGNzAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa5
9DAdBgNVHQ4EFgQUnKPi9irQLXuiMBeHcUT1Q6tOYlUwggLkBgNVHREEggLbMIIC
14IJa29obHMuY29tggsqLmtvaGxzLmNvbYIVY3Jtcy5rb2hsc3Jld2FyZHMuY29t
ghRjc3Iua29obHNyZXdhcmRzLmNvbYIJay1sYWIuY29tghRrb2hsc2NvcnBvcmF0
aW9uLmNvbYIOa29obHNncmVlbi5jb22CE2tvaGxzZ3JlZW5zY2VuZS5jb22CE2tv
aGxzcmVhbGVzdGF0ZS5jb22CEGtvaGxzcmV3YXJkcy5jb22CEmtvaGxzc3VwcGxp
ZXJzLmNvbYIPa29obHN0cmF2ZWwuY29tghZsYXVyZW5jb25yYWRydW53YXkuY29t
ghhsY2xhdXJlbmNvbnJhZHJ1bndheS5jb22CDGxjcnVud2F5LmNvbYISbS5rb2hs
c3Jld2FyZHMuY29tghNtZWRpYTEua29obHNpbWcuY29tghNtZWRpYTIua29obHNp
bWcuY29tgg9teWtvaGxzY2FyZC5jb22CEW15a29obHNjaGFyZ2UuY29tggxvZmZh
aXNsZS5jb22CEnZpZGVvLmtvaGxzaW1nLmNvbYINd3d3LmstbGFiLmNvbYIYd3d3
LmtvaGxzY29ycG9yYXRpb24uY29tghJ3d3cua29obHNncmVlbi5jb22CF3d3dy5r
b2hsc2dyZWVuc2NlbmUuY29tghd3d3cua29obHNyZWFsZXN0YXRlLmNvbYIUd3d3
LmtvaGxzcmV3YXJkcy5jb22CFnd3dy5rb2hsc3N1cHBsaWVycy5jb22CE3d3dy5r
b2hsc3RyYXZlbC5jb22CGnd3dy5sYXVyZW5jb25yYWRydW53YXkuY29tghx3d3cu
bGNsYXVyZW5jb25yYWRydW53YXkuY29tghB3d3cubGNydW53YXkuY29tghN3d3cu
bXlrb2hsc2NhcmQuY29tghV3d3cubXlrb2hsc2NoYXJnZS5jb22CEHd3dy5vZmZh
aXNsZS5jb20wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2Vy
dC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMECgPqA8hjpo
dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIw
Q0ExLTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0
dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEFBQcBAQRzMHEwJAYIKwYB
BQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0
cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAy
MENBMS0xLmNydDAJBgNVHRMEAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgA
dgCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYKor6NwAAAEAwBH
MEUCIQDSLQbsk96R6p3wTTXZc71B8ItKYjkPF6HCEnZoWqoFkQIgNrPZ/6AOGTkW
mG4gtvhaTWtV/qjnF4JKjHvhpOsmMQoAdgA1zxkbv7FsV78PrUxtQsu7ticgJlHq
P+Eq76gDwzvWTAAAAYKor6NXAAAEAwBHMEUCIQDT7sUyXSZIvG7REoQgHW70lWk5
S7ML2BUAqRt+PEVbGAIga8HcDTvPzzUdLKWsMvFdbba79X4t30nUPufuo56XjK0A
dgCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYKor6OzAAAEAwBH
MEUCIQC6r0hjR4M3ulVGg8KUJ7OknmbWAF8UP1VpGrnNnVertgIgZVBucLmc/BZk
oEl1OUxTwJ4pDYuCZh7CC6x17bmb4MIwDQYJKoZIhvcNAQELBQADggEBABVZFocD
OjRT1IJSHB70BqbHH0D1H0PY+UkIFQXsZqGMFyA/D8w82VqkjYsreYtKff8jKpQn
3q+hqIhNa0iTlvrorkSipxKxj55O1Rd8YXx4mtWlA+xk6YiCdxxFtgaUGctIxHj2
nx0jcxFd7I1X9y9+KguIGHFdvfH1rExvQsae/5QGVIEXSmkxAETxq+n583HCPE2B
Ty+RSn5tJyk/T61kShQFt6XacuwnjC56dfLmDmlmRMeU34qiH1Qbfxmb1VUv2LEO
Zr53M9JWZw159d+YF2a9YMhjcl8bEOfsV67jsMx99tB/SSXcUuzZNMI7a2JpRShI
kJrgRqEsqBOPOJ4=
-----END CERTIFICATE-----
 1 s:C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1
   i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
-----BEGIN CERTIFICATE-----
MIIEvjCCA6agAwIBAgIQBtjZBNVYQ0b2ii+nVCJ+xDANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0yMTA0MTQwMDAwMDBaFw0zMTA0MTMyMzU5NTlaME8xCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRMUyBS
U0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwUuzZUdwvN1PWNvsnO3DZuUfMRNUrUpmRh8sCuxkB+Uu3Ny5CiDt3+PE0J6a
qXodgojlEVbbHp9YwlHnLDQNLtKS4VbL8Xlfs7uHyiUDe5pSQWYQYE9XE0nw6Ddn
g9/n00tnTCJRpt8OmRDtV1F0JuJ9x8piLhMbfyOIJVNvwTRYAIuE//i+p1hJInuW
raKImxW8oHzf6VGo1bDtN+I2tIJLYrVJmuzHZ9bjPvXj1hJeRPG/cUJ9WIQDgLGB
Afr5yjK7tI4nhyfFK3TUqNaX3sNk+crOU6JWvHgXjkkDKa77SU+kFbnO8lwZV21r
eacroicgE7XQPUDTITAHk+qZ9QIDAQABo4IBgjCCAX4wEgYDVR0TAQH/BAgwBgEB
/wIBADAdBgNVHQ4EFgQUt2ui6qiqhIx56rTaD5iyxZV2ufQwHwYDVR0jBBgwFoAU
A95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG
GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh
Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDBCBgNV
HR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH
bG9iYWxSb290Q0EuY3JsMD0GA1UdIAQ2MDQwCwYJYIZIAYb9bAIBMAcGBWeBDAEB
MAgGBmeBDAECATAIBgZngQwBAgIwCAYGZ4EMAQIDMA0GCSqGSIb3DQEBCwUAA4IB
AQCAMs5eC91uWg0Kr+HWhMvAjvqFcO3aXbMM9yt1QP6FCvrzMXi3cEsaiVi6gL3z
ax3pfs8LulicWdSQ0/1s/dCYbbdxglvPbQtaCdB73sRD2Cqk3p5BJl+7j5nL3a7h
qG+fh/50tx8bIKuxT8b1Z11dmzzp/2n3YWzW2fP9NsarA4h20ksudYbj/NhVfSbC
EXffPgK2fPOre3qGNm+499iTcc+G33Mw+nur7SpZyEKEOxEXGlLzyQ4UfaJbcme6
ce1XR2bFuAJKZTRei9AqPCCcUZlM51Ke92sRKw2Sfh3oius2FkOH6ipjv3U/697E
A7sKPPcw7+uvTPyLNhBzPvOk
-----END CERTIFICATE-----
---
Server certificate
subject=C = US, ST = Illinois, L = Aurora, O = "Kohl's, Inc.", CN = kohls.com

issuer=C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4306 bytes and written 407 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
DONE