Ministerstvo vnitra Přijímejte a posílejte datové zprávy, spravujte své údaje ze základních registrů, ukládejte a spravujte své doklady a dokumenty, podávejte cokoli na kterýkoli úřad.
Všechno je v nejlepším pořádku a web se drží doporučených postupů.
Detailní report z HTTPs analýzy pomocí nástroje testssl.sh
| server | obcan.portal.gov.cz/185.17.214.245 |
| pre_128cipher |
INFO
{
No 128 cipher limit bug} |
| SSLv2 |
OK
{
not offered} |
| SSLv3 |
OK
{
not offered} |
| TLS1 |
INFO
{
not offered} |
| TLS1_1 |
INFO
{
not offered} |
| TLS1_2 |
OK
{
offered} |
| TLS1_3 |
OK
{
offered with final} |
| NPN |
INFO
{
offered with h2, http/1.1 (advertised)} |
| ALPN_HTTP2 |
OK
{
h2} |
| ALPN |
INFO
{
http/1.1} |
|
cipherlist_NULL
zranitelnosti:
CWE-327
|
OK
{
not offered} |
|
cipherlist_aNULL
zranitelnosti:
CWE-327
|
OK
{
not offered} |
|
cipherlist_EXPORT
zranitelnosti:
CWE-327
|
OK
{
not offered} |
|
cipherlist_LOW
zranitelnosti:
CWE-327
|
OK
{
not offered} |
|
cipherlist_3DES_IDEA
zranitelnosti:
CWE-310
|
INFO
{
not offered} |
|
cipherlist_AVERAGE
zranitelnosti:
CWE-310
|
LOW
{
offered} |
| cipherlist_GOOD |
INFO
{
not offered} |
| cipherlist_STRONG |
OK
{
offered} |
| cipher_order |
OK
{
server} |
| protocol_negotiated |
OK
{
Default protocol TLS1.3} |
| cipher_negotiated |
OK
{
TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)} |
| cipher-tls1_2_xc02f |
OK
{
TLSv1.2 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256} |
| cipher-tls1_2_xc030 |
OK
{
TLSv1.2 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384} |
| cipher-tls1_2_xc027 |
LOW
{
TLSv1.2 xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256} |
| cipher-tls1_2_xc028 |
LOW
{
TLSv1.2 xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384} |
| cipherorder_TLSv1_2 |
INFO
{
ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384} |
| cipher-tls1_3_x1302 |
OK
{
TLSv1.3 x1302 TLS_AES_256_GCM_SHA384 ECDH 253 AESGCM 256 TLS_AES_256_GCM_SHA384} |
| cipher-tls1_3_x1301 |
OK
{
TLSv1.3 x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128 TLS_AES_128_GCM_SHA256} |
| cipherorder_TLSv1_3 |
INFO
{
TLS_AES_256_GCM_SHA384 TLS_AES_128_GCM_SHA256} |
| FS |
OK
{
offered} |
| FS_ciphers |
INFO
{
TLS_AES_256_GCM_SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256} |
| FS_ECDHE_curves |
OK
{
prime256v1 secp384r1 secp521r1 X25519 X448} |
| TLS_extensions |
INFO
{
'renegotiation info/#65281' 'server name/#0' 'EC point formats/#11' 'session ticket/#35' 'next protocol/#13172' 'supported versions/#43' 'key share/#51' 'supported_groups/#10' 'max fragment length/#1' 'application layer protocol negotiation/#16' 'encrypt-then-mac/#22' 'extended master secret/#23'} |
| TLS_session_ticket |
INFO
{
valid for 300 seconds only (<daily)} |
| SSL_sessionID_support |
INFO
{
yes} |
| sessionresumption_ticket |
INFO
{
supported} |
| sessionresumption_ID |
INFO
{
not supported} |
| TLS_timestamp |
INFO
{
random} |
| certificate_compression |
INFO
{
none} |
| clientAuth |
INFO
{
none} |
| cert_numbers |
INFO
{
1} |
| cert_signatureAlgorithm |
OK
{
SHA256 with RSA} |
| cert_keySize |
INFO
{
RSA 2048 bits (exponent is 65537)} |
| cert_keyUsage |
INFO
{
Digital Signature, Key Encipherment} |
| cert_extKeyUsage |
INFO
{
TLS Web Server Authentication} |
| cert_serialNumber |
INFO
{
0327E8DB628222D1021ECF5CD6940040} |
| cert_serialNumberLen |
INFO
{
16} |
| cert_fingerprintSHA1 |
INFO
{
9FA96604756B24F626D3B77910513C90B4CC6739} |
| cert_fingerprintSHA256 |
INFO
{
81FBD7621C3FC976F2BF15D2BC764CE2ADB3CA4D2E12F84AB3C01A7BEA94142D} |
| cert |
INFO
{
-----BEGIN CERTIFICATE----- MIIJnDCCCISgAwIBAgIQAyfo22KCItECHs9c1pQAQDANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVH ZW9UcnVzdCBFViBSU0EgQ0EgRzIwHhcNMjYwNTI3MDAwMDAwWhcNMjYxMjExMjM1 OTU5WjCBoDETMBEGCysGAQQBgjc8AgEDEwJDWjEaMBgGA1UEDwwRR292ZXJubWVu dCBFbnRpdHkxETAPBgNVBAUTCDE3NjUxOTIxMQswCQYDVQQGEwJDWjEOMAwGA1UE BxMFUHJhaGExLDAqBgNVBAoMI0RpZ2l0w6FsbsOtIGEgaW5mb3JtYcSNbsOtIGFn ZW50dXJhMQ8wDQYDVQQDEwZnb3YuY3owggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDeC6KpJAD6y6aI1aiKBcL4A92M7c3vD2hZ4vIsuLB91RHvPgiTAYDs jKows5gF8ynR/nVo0qBIBy+0saAZU8t/016N2dW9uJjWSUrZXVRMOtj0edu6aJ/r /U5LxUf1TeBY/AXbku7ES+K4tpO3d2NfU1Q5rE+XIqdG1ybXMFH5md6wHgjV+HH3 SMDQqPWRr1ICRpnsjN5WSGudbl1h9vEBQmTuQdRCYpukOqxgTTgxO8Hq9Zb9IzmR Oo6W2Ct8Kb/7rdMsYo+yzxgtUSf4CLKoBQQzABLApJnQcEbwJSZq/gngUn6gvma5 JjBXP969rtguQF5dER7U5bOsChN8KFLhAgMBAAGjggYrMIIGJzAfBgNVHSMEGDAW gBQo0s/uCYR13bWytb881aDGc4hdHzAdBgNVHQ4EFgQULfBakS4SnBEVhR3Xts9+ 9nmSE9UwggL1BgNVHREEggLsMIIC6IIGZ292LmN6ghJzZXpuYW0tdGVzdC5nb3Yu Y3qCGG9iY2FuLXRlc3QucG9ydGFsLmdvdi5jeoITb2JjYW4ucG9ydGFsLmdvdi5j eoIUcGxhdGVibmlicmFueS5nb3YuY3qCEXBvcnRhbC1kZXYuZ292LmN6ghNwb3J0 YWwtc3RhZ2UuZ292LmN6ghJwb3J0YWwtdGVzdC5nb3YuY3qCDXBvcnRhbC5nb3Yu Y3qCFXJlZGFrY2UucG9ydGFsLmdvdi5jeoIZb2JjYW4tc3RhZ2UucG9ydGFsLmdv di5jeoINc2V6bmFtLmdvdi5jeoIVc3ByYXZhZGF0LXRlc3QuZ292LmN6ghBzcHJh dmFkYXQuZ292LmN6ghNzdGFnZS5wb3J0YWwuZ292LmN6gg52b2xpY2FrLmdvdi5j eoIPd3d3LXRlc3QuZ292LmN6ggp3d3cuZ292LmN6ghF3d3cucG9ydGFsLmdvdi5j eoITZGVzaWduc3lzdGVtLmdvdi5jeoIXYWtyZWRpdGFjZS1zdGFnZS5nb3YuY3qC FmFrcmVkaXRhY2UtdGVzdC5nb3YuY3qCEWFrcmVkaXRhY2UuZ292LmN6ggphcGku Z292LmN6ggpjZG4uZ292LmN6ghdkZXNpZ25zeXN0ZW0tZGV2Lmdvdi5jeoIZZGVz aWduc3lzdGVtLXN0YWdlLmdvdi5jeoIYZGVzaWduc3lzdGVtLXRlc3QuZ292LmN6 ghVha3JlZGl0YWNlLWRldi5nb3YuY3qCEWRldi5wb3J0YWwuZ292LmN6ghJlcGV0 aWNlLWRldi5nb3YuY3qCFGVwZXRpY2Utc3RhZ2UuZ292LmN6ghNlcGV0aWNlLXRl c3QuZ292LmN6gg5lcGV0aWNlLmdvdi5jeoIXZm9ybS10ZXN0LnBvcnRhbC5nb3Yu Y3qCEW5vdGlmaWthY2UuZ292LmN6ghdvYmNhbi1kZXYucG9ydGFsLmdvdi5jejBK BgNVHSAEQzBBMAsGCWCGSAGG/WwCATAyBgVngQwBATApMCcGCCsGAQUFBwIBFhto dHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMBMGA1Ud JQQMMAoGCCsGAQUFBwMBMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRp Z2ljZXJ0LmNvbS9HZW9UcnVzdEVWUlNBQ0FHMi5jcmwwNKAyoDCGLmh0dHA6Ly9j cmw0LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEVWUlNBQ0FHMi5jcmwwcwYIKwYBBQUH AQEEZzBlMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wPQYI KwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEVW UlNBQ0FHMi5jcnQwDAYDVR0TAQH/BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIB awFpAHYAwjF+V0UZo0XufzjespBB68fCIVoiv3/Vta12mtkOUs0AAAGeaJ38wAAA BAMARzBFAiBiU86dJxFd+FylONqbw+NOFq1hZSXTl2ZSTJhb9QXQ9AIhAIqJ+E0M kKOor32dOeghS+0YpIu9wZlqiFZSPT/ADsJ4AHYA1219ENGn9XfCx+lf1wC/+YLJ M1pl4dCzAXMXwMjFaXcAAAGeaJ38mAAABAMARzBFAiEAnRBXYffocf0DYPB3A94X JhkQ5YxnsqYM2ST+lj5TdPUCIF3X9X6LZVlp6imsqr4yDPaNnES/GHQdXar5oHzA hjEJAHcAlE5Dh/rswe+B8xkkJqgYZQHH0184AgE/cmd9VTcuGdgAAAGeaJ38zgAA BAMASDBGAiEAuhXtXyITvJDrFpsnzlKiBatid6sQyoqq/D5k7lqJzfsCIQDvgskn cwk7i+sgX2rcPa8C/73ioVK9rZolYeAMheFZXDANBgkqhkiG9w0BAQsFAAOCAQEA TXxhPy4S2N+K+q8AM+vgpaaX2uCQZxF0hbhIpqhYwLa6Ba5Ihtm64/uEzZ0sEE91 CElgyg887Ba5J+778cWrvehVH/JNqT68IxOdfVirAgdmtdp1DX+glSDrR6Zk2ErE urCA+8xlOCRmQJgvBtXi/caWLDDjcgKC9U4nr31GicxmFcRy5bgwOkMSWGO0WXN9 wFJXlDdaAqD8U6radl3jMFxxioTzBkLpPPTdt0S2brrLihhBaTqkxlm9nAU/CJTy XQZH+abIcwn9sy5GiSYt78VdL1pYe8wag2gcZU8ZmtRW1B3VszZI8clZWVbOLcmo H8nID/sTEfhssmokTzLMDQ== -----END CERTIFICATE-----} |
| cert_commonName |
OK
{
gov.cz} |
| cert_commonName_wo_SNI |
INFO
{
gov.cz} |
| cert_subjectAltName |
INFO
{
gov.cz seznam-test.gov.cz obcan-test.portal.gov.cz obcan.portal.gov.cz platebnibrany.gov.cz portal-dev.gov.cz portal-stage.gov.cz portal-test.gov.cz portal.gov.cz redakce.portal.gov.cz obcan-stage.portal.gov.cz seznam.gov.cz spravadat-test.gov.cz spravadat.gov.cz stage.portal.gov.cz volicak.gov.cz www-test.gov.cz www.gov.cz www.portal.gov.cz designsystem.gov.cz akreditace-stage.gov.cz akreditace-test.gov.cz akreditace.gov.cz api.gov.cz cdn.gov.cz designsystem-dev.gov.cz designsystem-stage.gov.cz designsystem-test.gov.cz akreditace-dev.gov.cz dev.portal.gov.cz epetice-dev.gov.cz epetice-stage.gov.cz epetice-test.gov.cz epetice.gov.cz form-test.portal.gov.cz notifikace.gov.cz obcan-dev.portal.gov.cz} |
| cert_trust |
OK
{
Ok via SAN (same w/o SNI)} |
| cert_chain_of_trust |
OK
{
passed.} |
| cert_certificatePolicies_EV |
OK
{
yes} |
| cert_expirationStatus |
OK
{
164 >= 60 days} |
| cert_notBefore |
INFO
{
2026-05-27 00:00} |
| cert_notAfter |
OK
{
2026-12-11 23:59} |
| cert_extlifeSpan |
OK
{
certificate has no extended life time according to browser forum} |
| cert_eTLS |
INFO
{
not present} |
| cert_crlDistributionPoints |
INFO
{
http://crl3.digicert.com/GeoTrustEVRSACAG2.crl http://crl4.digicert.com/GeoTrustEVRSACAG2.crl} |
| cert_ocspURL |
INFO
{
http://ocsp.digicert.com} |
| OCSP_stapling |
LOW
{
not offered} |
| cert_mustStapleExtension |
INFO
{
--} |
| DNS_CAArecord |
OK
{
issuewild=;} |
| certificate_transparency |
OK
{
yes (certificate extension)} |
| certs_countServer |
INFO
{
2} |
| certs_list_ordering_problem |
INFO
{
no} |
| cert_caIssuers |
INFO
{
GeoTrust EV RSA CA G2 (DigiCert Inc from US)} |
| intermediate_cert <#1> |
INFO
{
-----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIQDWASYsinchpuqwNh5WGVgDANBgkqhkiG9w0BAQsFADBh MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH MjAeFw0yMDA3MDIxMjQyNTdaFw0zMDA3MDIxMjQyNTdaMEQxCzAJBgNVBAYTAlVT MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IEVWIFJT QSBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANDSvFMMGIOI D2N+rpyaGTPfyItp3atCyimRJCPtAakU984EB19Zugrb82ui0iy0zLKMDrOuN+Ku H6jF4F4ZCoHjN7tFdMtSsCUAbrpFVO/5BLY+VTIg7YUN5LwRHUb2QVSGwKyIeYS+ SqPV8mzTMkG9GnWjG1IQT0F1+Xu7+uAGRFVnIdYCSBgl7iG4qOWZjcPKnW+3OJRO dZtwGE39E7WoasoW8Nvpu5FFp2WIsvY6B/0whr3w+xKeBYb2WNKI1ZXvk4y+AmUa BdRTY0HPBZ4+6Ipcq2Rl+QLQXQuGXH95YujYNYpbnV7ASU5/dVmqVPY0LHnp2sNK IN65/n+DbcsCAwEAAaOCAgswggIHMB0GA1UdDgQWBBQo0s/uCYR13bWytb881aDG c4hdHzAfBgNVHSMEGDAWgBROIlQgGJXm427mD/r6uRLtBhePOTAOBgNVHQ8BAf8E BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI MAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz cC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3oDWgM4YxaHR0cDovL2NybDMuZGln aWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDA3oDWgM4YxaHR0cDov L2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDCBzgYD VR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k aWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMg Q2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWlu ZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2Vy dC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUAA4IBAQBVbQs8KD6qRnOf/dtOHNAy ieoRcA1Zk3lGMLwqNfuLpTb9gDQFpvxGN/3X7i0mAEtRhN/r9fDv8oiVLn6gfpm0 UUN47vFJCzf5dqkV/N7LkMTqlhDA0Ve/GBJ3A2E5yFT7TgAGN4wJ9cCZrKbqKHVU RatwJ+T58jmhbvtEM7t2ucB7u+Dmu4KoOTEx8LR8+qn8OyLh1VLq75vzDTsnhTN5 3AgPdMVFk6F8sjT2P2xbvAb0kAlyAtldAtpGvBzXhacmRs7rTqz/oTDwYZLkrm+q EltdmGwUOWvFPjwucH6tS+gQgiUYiNJqijzI1jr8TZ01VGOSTW7rRUKgkN5WJqDA -----END CERTIFICATE-----} |
| intermediate_cert_fingerprintSHA256 <#1> |
INFO
{
2D140F20B8A96E2B4D2F1CC5ACA5E5A1E7DC56A7491E510906960F38D2D21AEF} |
| intermediate_cert_notBefore <#1> |
INFO
{
2020-07-02 12:42} |
| intermediate_cert_notAfter <#1> |
OK
{
2030-07-02 12:42} |
| intermediate_cert_expiration <#1> |
OK
{
ok > 40 days} |
| intermediate_cert_chain <#1> |
INFO
{
GeoTrust EV RSA CA G2 <-- DigiCert Global Root G2} |
| intermediate_cert_badOCSP |
OK
{
intermediate certificate(s) is/are ok} |
| HTTP_status_code |
INFO
{
200 OK ('/')
}
|
| HTTP_clock_skew |
INFO
{
0 seconds from localtime} |
| HTTP_headerTime |
INFO
{
1782849661} |
| HSTS_time |
OK
{
730 days (=63072000 seconds) > 15552000 seconds} |
| HSTS_subdomains |
OK
{
includes subdomains} |
| HSTS_preload |
INFO
{
domain is NOT marked for preloading} |
| HPKP |
INFO
{
No support for HTTP Public Key Pinning} |
| banner_server |
INFO
{
-} |
| banner_application |
INFO
{
No application banner found} |
| cookie_count |
INFO
{
0 at '/'} |
| X-Frame-Options |
OK
{
DENY} |
| X-Content-Type-Options |
OK
{
nosniff} |
| X-XSS-Protection |
INFO
{
1; mode=block} |
| Referrer-Policy |
INFO
{
no-referrer} |
| Cache-Control |
INFO
{
max-age=0} |
|
banner_reverseproxy
zranitelnosti:
CWE-200
|
INFO
{
--} |
|
heartbleed
zranitelnosti:
CVE-2014-0160
CWE-119
|
OK
{
not vulnerable, no heartbeat extension} |
|
CCS
zranitelnosti:
CVE-2014-0224
CWE-310
|
OK
{
not vulnerable} |
|
ticketbleed
zranitelnosti:
CVE-2016-9244
CWE-200
|
OK
{
not vulnerable} |
| ROBOT |
OK
{
not vulnerable, no RSA key transport cipher} |
|
secure_renego
zranitelnosti:
CWE-310
|
OK
{
supported} |
|
secure_client_renego
zranitelnosti:
CVE-2011-1473
CWE-310
|
OK
{
not vulnerable} |
|
CRIME_TLS
zranitelnosti:
CVE-2012-4929
CWE-310
|
OK
{
not vulnerable} |
|
BREACH
zranitelnosti:
CVE-2013-3587
CWE-310
|
OK
{
not vulnerable, no gzip/deflate/compress/br HTTP compression - only supplied '/' tested} |
|
POODLE_SSL
zranitelnosti:
CVE-2014-3566
CWE-310
|
OK
{
not vulnerable, no SSLv3} |
| fallback_SCSV |
OK
{
no protocol below TLS 1.2 offered} |
| SWEET32 |
OK
{
not vulnerable} |
|
FREAK
zranitelnosti:
CVE-2015-0204
CWE-310
|
OK
{
not vulnerable} |
| DROWN |
OK
{
not vulnerable on this host and port} |
| DROWN_hint |
INFO
{
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=81FBD7621C3FC976F2BF15D2BC764CE2ADB3CA4D2E12F84AB3C01A7BEA94142D} |
|
LOGJAM
zranitelnosti:
CVE-2015-4000
CWE-310
|
OK
{
not vulnerable, no DH EXPORT ciphers,} |
|
LOGJAM-common_primes
zranitelnosti:
CVE-2015-4000
CWE-310
|
OK
{
no DH key with <= TLS 1.2} |
|
BEAST
zranitelnosti:
CVE-2011-3389
CWE-20
|
OK
{
not vulnerable, no SSL3 or TLS1} |
|
LUCKY13
zranitelnosti:
CVE-2013-0169
CWE-310
|
LOW
{
potentially vulnerable, uses TLS CBC ciphers} |
|
winshock
zranitelnosti:
CVE-2014-6321
CWE-94
|
OK
{
not vulnerable} |
| RC4 |
OK
{
not vulnerable} |
| clientsimulation-android_442 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-android_500 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-android_60 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-android_70 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-android_81 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-android_90 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-android_X |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-chrome_74_win10 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-chrome_79_win10 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-firefox_66_win81 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-firefox_71_win10 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-ie_6_xp |
INFO
{
No connection} |
| clientsimulation-ie_8_win7 |
INFO
{
No connection} |
| clientsimulation-ie_8_xp |
INFO
{
No connection} |
| clientsimulation-ie_11_win7 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-SHA256} |
| clientsimulation-ie_11_win81 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-SHA256} |
| clientsimulation-ie_11_winphone81 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-SHA256} |
| clientsimulation-ie_11_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-edge_15_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-edge_17_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-opera_66_win10 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-safari_9_ios9 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-safari_9_osx1011 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-safari_10_osx1012 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-safari_121_ios_122 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-safari_130_osx_10146 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-apple_ats_9_ios9 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-java_6u45 |
INFO
{
No connection} |
| clientsimulation-java_7u25 |
INFO
{
No connection} |
| clientsimulation-java_8u161 |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-java1102 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-java1201 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-openssl_102e |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-openssl_110l |
INFO
{
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256} |
| clientsimulation-openssl_111d |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| clientsimulation-thunderbird_68_3_1 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
| rating_spec |
INFO
{
SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)} |
| rating_doc |
INFO
{
https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide} |
| protocol_support_score |
INFO
{
100} |
| protocol_support_score_weighted |
INFO
{
30} |
| key_exchange_score |
INFO
{
90} |
| key_exchange_score_weighted |
INFO
{
27} |
| cipher_strength_score |
INFO
{
90} |
| cipher_strength_score_weighted |
INFO
{
36} |
| final_score |
INFO
{
93} |
| overall_grade |
OK
{
A+} |
| scanTime |
INFO
{
80} |