SSL-Tools

SSL check results of pki.darkfire.ch

NEW You can also bulk check multiple servers.

Discover if the webservers of pki.darkfire.ch can be reached through a secure connection.

Summary

JSON Refresh

Report created Fri, 29 Nov 2024 23:43:25 +0000

The webservers of pki.darkfire.ch can be reached through a secure connection.

Servers

Hostname / IP address Certificates Protocol
pki.darkfire.ch
81.6.35.252
 darkfire.ch
HSTS
unexpected EOF
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
pki.darkfire.ch
2a02:169:605:101::101
 darkfire.ch
HSTS
unexpected EOF
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Certificates

First seen at:

CN=darkfire.ch

Certificate chain
  • darkfire.ch
    • remaining
    • 256 bit
    • ecdsa-with-SHA384
      • E5
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • darkfire.ch
Alternative Names
  • *.darkfire.ch
  • darkfire.ch
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E5
validity period
Not valid before
2024-10-15
Not valid after
2025-01-13
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
B3:12:A3:DB:E7:3C:3C:11:2D:5A:1E:5B:16:3C:1E:8F:71:4D:3E:4A:DE:63:9A:AB:84:1C:57:16:26:A4:24:A8
SHA1
B0:02:22:2F:54:FA:FF:69:05:2F:5B:7A:D6:04:26:C2:7B:B3:18:D8
X509v3 extensions
subjectKeyIdentifier
  • 9B:E5:83:4D:77:06:6C:66:3F:65:DC:9C:77:C2:3E:CE:D9:A1:7B:C8
authorityKeyIdentifier
  • keyid:9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
authorityInfoAccess
  • OCSP - URI:http://e5.o.lencr.org
  • CA Issuers - URI:http://e5.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
  • 1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
  • Timestamp : Oct 15 06:02:10.671 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:AE:7A:29:F0:3E:55:45:CB:08:5D:5D:
  • 8A:17:AA:99:97:A9:A0:15:8A:81:17:26:8E:FD:67:5C:
  • 31:1F:B7:6E:C1:02:20:39:95:0E:5C:0E:BD:50:17:BC:
  • A2:74:36:37:CA:75:D3:4C:90:CD:D8:69:0B:FC:7D:D7:
  • 97:C8:D9:EE:D9:4F:33
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
  • 16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
  • Timestamp : Oct 15 06:02:10.821 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:89:E6:33:79:54:F8:4E:5F:37:EA:17:
  • 49:99:69:24:4B:64:C2:CC:92:30:87:5D:E8:9F:7D:61:
  • 9E:F3:B9:6B:50:02:20:78:71:5A:08:10:5D:9B:EA:0B:
  • 61:30:A3:25:71:9A:25:EB:91:FE:C2:16:6C:48:3D:4D:
  • DB:41:45:5B:58:38:57

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_443._tcp.pki.darkfire.ch
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid