SSL Checker
Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.
Report
| Hostname: | close Doesn't match Common Name or/and SANs |
| Expired: | done No (38 days till expiration) |
| Public Key: | done We were unable to find any issues in the public key of end-entity certificate |
| Trusted: | done Yes, we were able to verify the certificate |
| Self-Signed: | done No, the end-entity certificate is not self-signed |
| Chain Issues: | done No, we were unable to detect any issues in the certificate chain sent by the server |
| Weak signatures: | done No, certificates sent by the server were not signed utilizing a weak hash function |
| OCSP Status: | done OCSP Responder returned "good" status for the end-entity certificate |
DNS Information
| Resolves To: | 69.175.12.190 |
| Reverse IP lookup: | server.shopxml.com. |
| Nameserver: | ns1.shopxml.com. |
| Nameserver: | ns2.shopxml.com. |
General Information
| Common Name: | xmlshop.com |
| SANs: | DNS:xmlshop.comDNS:www.xmlshop.com Total number of SANs: 2 |
| Signature Algorithm: | sha384WithRSAEncryption |
| Key Type: | RSA |
| Key size: | 2048 bits |
| Serial Number: | 3cdd10c6907c2424df4aff09d150cd34 |
| Not Before: | Mar 05, 2024 00:00:00 GMT |
| Not After: | Jun 03, 2024 23:59:59 GMT |
| Number of certs: | 2 |
| Revocation Status: | good |
| OCSP Stapling: | Not Supported |
| Server: | nginx |
| HSTS: | Not Supported |
| HPKP: | Not Supported |
Chain Information
Certificate # 1 - Common Name: xmlshop.com
Decode this certificate for verbose information → launch| Subject Common Name | xmlshop.com |
| Issuer Common Name | ZeroSSL RSA Domain Secure Site CA |
| Issuer Organization | ZeroSSL |
| Not Before: | Mar 05, 2024 00:00:00 GMT |
| Not After: | Jun 03, 2024 23:59:59 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 3cdd10c6907c2424df4aff09d150cd34 |
| SHA1 Fingerprint: | 90:11:8F:0B:9D:DB:D4:13:69:C8:47:CE:09:8E:93:83:2E:5E:DD:B3 |
| MD5 Fingerprint: | 13:E0:BA:73:EF:3C:9E:3C:86:EE:6B:1D:50:69:0B:F0 |
Certificate # 2 - Common Name: ZeroSSL RSA Domain Secure Site CA
Decode this certificate for verbose information → launch| In place? | Yes, this certificate directly certifies the preceding one |
| Subject Common Name | ZeroSSL RSA Domain Secure Site CA |
| Subject Organization | ZeroSSL |
| Issuer Common Name | USERTrust RSA Certification Authority |
| Issuer Organization | The USERTRUST Network |
| Not Before: | Jan 30, 2020 00:00:00 GMT |
| Not After: | Jan 29, 2030 23:59:59 GMT |
| Signature Algorithm: | sha384WithRSAEncryption |
| Serial Number: | 6c55abdbd00792c79d070cd8119ed6bf |
| SHA1 Fingerprint: | C8:1A:8B:D1:F9:CF:6D:84:C5:25:F3:78:CA:1D:3F:8C:30:77:0E:34 |
| MD5 Fingerprint: | 58:AA:23:10:7C:8D:5A:ED:EA:BD:0D:5E:32:57:85:92 |
OpenSSL Handshake
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
verify return:1
depth=0 CN = xmlshop.com
verify return:1
CONNECTED(00000003)
OCSP response: no response sent
---
Certificate chain
0 s:CN = xmlshop.com
i:C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
-----BEGIN CERTIFICATE-----
MIIGdDCCBFygAwIBAgIQPN0QxpB8JCTfSv8J0VDNNDANBgkqhkiG9w0BAQwFADBL
MQswCQYDVQQGEwJBVDEQMA4GA1UEChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NT
TCBSU0EgRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTI0MDMwNTAwMDAwMFoXDTI0
MDYwMzIzNTk1OVowFjEUMBIGA1UEAxMLeG1sc2hvcC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQC+PcC59XRQPTGIsUog8zLSsm9P8kCH2jvTic1b
M5GdmgYDAJMfXmNj38j+6ZVs/kdBXbmkKwXlHSmMayRh9/AeBnFbczRJlLWUXoWu
TNBcmB/LEcUI+w04xD8BOFQEExmCpGFYLAjh3DHiqYclR0yDmASJF3KQUNut/5p3
I7CX14R32iwcIcfjaLuAkIAphLAUDnM0mUXGiBEpYB/BeGDqTzgP7RsPq1/cOLKw
AbftCUJupsudHeGiJ3BYtDiO/JSGM7+zOPAnavVZizBNjCAblt9azJJJG6XL6Na9
nMbvgIzxFQ+nTBPz0/wawtSuxJ5pX4L/oh2lg1ECKXPcAbShAgMBAAGjggKHMIIC
gzAfBgNVHSMEGDAWgBTI2XhootkZaNU9ct5fCj7ctYaGpjAdBgNVHQ4EFgQURq5S
GfzM0EbkV+MNjO6eVnrI1vkwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYB
BAGyMQECAk4wJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMw
CAYGZ4EMAQIBMIGIBggrBgEFBQcBAQR8MHowSwYIKwYBBQUHMAKGP2h0dHA6Ly96
ZXJvc3NsLmNydC5zZWN0aWdvLmNvbS9aZXJvU1NMUlNBRG9tYWluU2VjdXJlU2l0
ZUNBLmNydDArBggrBgEFBQcwAYYfaHR0cDovL3plcm9zc2wub2NzcC5zZWN0aWdv
LmNvbTCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AHb/iD8KtvuVUcJhzPWHujS0
pM27KdxoQgqf5mdMWjp0AAABjg9MUIsAAAQDAEYwRAIgECHyHwtiqbNpJ9luaBa4
Bj5bMl6+MhUAIEh1vwEePawCIBARGzLNQ1U7zSo6Q3J4N3P+Slh0wxVWUeIM6NTu
regeAHYAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGOD0xQbgAA
BAMARzBFAiEA30rwUEEPolzTzVLlwDwU6nV2mClGox1xKt3L9qwW/2cCIFgoKswG
1DaxlIA5YcVNVa2SrkkEHB74ss8n7D5DkQgIMCcGA1UdEQQgMB6CC3htbHNob3Au
Y29tgg93d3cueG1sc2hvcC5jb20wDQYJKoZIhvcNAQEMBQADggIBAAyaUognwjFb
3Mw1tQBWhiOctidomFO9fr5o7Lt3Xi65YlkhkDFSPSHxcM0d11I8GtGaNF14gK5m
VfMoj5dpeqjGiYo/0ENWdz575N8CK+hOQPzhFtMxcj9ho48/a1CJMX9kaZPfzyHq
vakQcXIjGGgIv0/mB/B+EHgldrBdo7LHDZ80BtA7b6CSxvZF+xzhPC75P1+0WgMj
uTzk9qV0+Rs1+VHeGkiWDrp+pkgTx5jHt0xj7abdXumPmVx9nZshWo0L35mCwveh
IO1aOjjnKHwHVl7pgVEXp7XzOGktjQeIfhBc866ZxTS/4ekXXui18jxcRDhGS+sP
2SlV2mRLYf6UDVJ0bUqmSCIKosdh4+UHJ6VXcX3ucC8GzLqstxWer0mAwsSu6Ewc
wzCaGrMuHyP22VfrZoxCMRbxQ49ipFBVb/H0M0FfS7fet+pGjKjwtGzmDZonylmS
KMH0uZOttd7m4yM6Cjlq7460CqUHkxQvg9YdjDXBKux8o8y5TsWjOzGNLH4fGem/
DPHx6veYl56HsoV3qtKTN68bVc/2HareapXy3bo/jUT4oZ1UFJr9SP2XzVktQujM
aoBS4vZm3nbey7uw9wjpLIiOoEFrAatw5SnUdx4a5DryDqH4ZlPw9npUx5+X9dId
L3grgDRUe91oCUb4bb9kT2RIKNpr5Kzr
-----END CERTIFICATE-----
1 s:C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
-----BEGIN CERTIFICATE-----
MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
MTMwMDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBLMQswCQYDVQQGEwJBVDEQMA4GA1UE
ChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBSU0EgRG9tYWluIFNlY3VyZSBT
aXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAhmlzfqO1Mdgj
4W3dpBPTVBX1AuvcAyG1fl0dUnw/MeueCWzRWTheZ35LVo91kLI3DDVaZKW+TBAs
JBjEbYmMwcWSTWYCg5334SF0+ctDAsFxsX+rTDh9kSrG/4mp6OShubLaEIUJiZo4
t873TuSd0Wj5DWt3DtpAG8T35l/v+xrN8ub8PSSoX5Vkgw+jWf4KQtNvUFLDq8mF
WhUnPL6jHAADXpvs4lTNYwOtx9yQtbpxwSt7QJY1+ICrmRJB6BuKRt/jfDJF9Jsc
RQVlHIxQdKAJl7oaVnXgDkqtk2qddd3kCDXd74gv813G91z7CjsGyJ93oJIlNS3U
gFbD6V54JMgZ3rSmotYbz98oZxX7MKbtCm1aJ/q+hTv2YK1yMxrnfcieKmOYBbFD
hnW5O6RMA703dBK92j6XRN2EttLkQuujZgy+jXRKtaWMIlkNkWJmOiHmErQngHvt
iNkIcjJumq1ddFX4iaTI40a6zgvIBtxFeDs2RfcaH73er7ctNUUqgQT5rFgJhMmF
x76rQgB5OZUkodb5k2ex7P+Gu4J86bS15094UuYcV09hVeknmTh5Ex9CBKipLS2W
2wKBakf+aVYnNCU6S0nASqt2xrZpGC1v7v6DhuepyyJtn3qSV2PoBiU5Sql+aARp
wUibQMGm44gjyNDqDlVp+ShLQlUH9x8CAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaA
FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTI2XhootkZaNU9ct5fCj7c
tYaGpjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQIC
TjAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1
c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYG
CCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu
Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAVDwoIzQDV
ercT0eYqZjBNJ8VNWwVFlQOtZERqn5iWnEVaLZZdzxlbvz2Fx0ExUNuUEgYkIVM4
YocKkCQ7hO5noicoq/DrEYH5IuNcuW1I8JJZ9DLuB1fYvIHlZ2JG46iNbVKA3ygA
Ez86RvDQlt2C494qqPVItRjrz9YlJEGT0DrttyApq0YLFDzf+Z1pkMhh7c+7fXeJ
qmIhfJpduKc8HEQkYQQShen426S3H0JrIAbKcBCiyYFuOhfyvuwVCFDfFvrjADjd
4jX1uQXd161IyFRbm89s2Oj5oU1wDYz5sx+hoCuh6lSs+/uPuWomIq3y1GDFNafW
+LsHBU16lQo5Q2yh25laQsKRgyPmMpHJ98edm6y2sHUabASmRHxvGiuwwE25aDU0
2SAeepyImJ2CzB80YG7WxlynHqNhpE7xfC7PzQlLgmfEHdU+tHFeQazRQnrFkW2W
kqRGIq7cKRnyypvjPMkjeiV9lRdAM9fSJvsB3svUuu1coIG1xxI1yegoGM4r5QP4
RGIVvYaiI76C0djoSbQ/dkIUUXQuB8AL5jyH34g3BZaaXyvpmnV4ilppMXVAnAYG
ON51WhJ6W0xNdNJwzYASZYH+tmCWI+N60Gv2NNMGHwMZ7e9bXgzUCZH5FaBFDGR5
S9VWqHB73Q+OyIVvIbKYcSc2w/aSuFKGSA==
-----END CERTIFICATE-----
---
Server certificate
subject=CN = xmlshop.com
issuer=C = AT, O = ZeroSSL, CN = ZeroSSL RSA Domain Secure Site CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4102 bytes and written 448 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 954F2166FEAF41631DCA54915A3C5C52FB9E239518C8D45668903F525476D8FF
Session-ID-ctx:
Master-Key: 230303955DE0821EF7359E557648BC4736B6C91750474990568D04C04AD5B30DCC2A1A1EA631D4D804C4DCA9EB3E9179
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - dd 16 a9 f8 8a 17 84 37-13 6f 48 44 23 33 81 e5 .......7.oHD#3..
0010 - 66 f7 88 5e 76 40 24 35-71 64 39 60 84 12 d7 0d f..^v@$5qd9`....
0020 - 55 f2 1d d8 74 33 2e 7d-3e bb c0 d0 2c bf b7 93 U...t3.}>...,...
0030 - 78 77 0e 64 6b 6d e3 73-79 34 dc 64 71 04 3b 05 xw.dkm.sy4.dq.;.
0040 - fb 7a ab 9c 19 a7 63 c1-9c 85 e8 10 fd ad f9 16 .z....c.........
0050 - 5e ae 4f 73 f2 9d d6 49-d0 bc af 58 63 b5 41 56 ^.Os...I...Xc.AV
0060 - 25 3c 63 88 62 92 06 46-4d d7 d4 6d 2f 61 cb 56 %<c.b..FM..m/a.V
0070 - 7e a5 98 79 b5 25 47 2a-9b ff 58 bc 49 22 7b ed ~..y.%G*..X.I"{.
0080 - e9 cd 55 2f f6 9f fb 57-56 3d 5d 84 60 88 9b 14 ..U/...WV=].`...
0090 - 0b d0 35 2a 94 33 04 c4-48 8e 87 69 12 a8 d9 69 ..5*.3..H..i...i
00a0 - e8 e0 8a fd c6 c8 7f 23-4a 5e cb 5c 2d b0 c2 fe .......#J^.\-...
00b0 - 25 ea ec 10 10 b6 0e 2a-9f 98 b4 7b 7d 0f 13 5c %......*...{}..\
Start Time: 1714137651
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
DONE