Ministerstvo školství, mládeže a tělovýchovy Portál www.vzdelavaniaprace.cz je to pro všechny, kteří potřebují pomoc na trhu práce. Pomáhá jednotlivcům najít novou profesi, práci nebo vzdělávací kurz. Pomáhá zaměstnavatelům najít nové kvalifikované zaměstnance. A pomáhá vzdělávacím firmám oslovit zájemce o rekvalifikaci.
Všechno je v nejlepším pořádku a web se drží doporučených postupů.
Detailní report z HTTPs analýzy pomocí nástroje testssl.sh
server | vzdelavaniaprace.cz/195.113.77.148 |
pre_128cipher |
INFO
{
No 128 cipher limit bug} |
SSLv2 |
OK
{
not offered} |
SSLv3 |
OK
{
not offered} |
TLS1 |
INFO
{
not offered} |
TLS1_1 |
INFO
{
not offered} |
TLS1_2 |
OK
{
offered} |
TLS1_3 |
INFO
{
not offered + downgraded to weaker protocol} |
NPN |
INFO
{
not offered} |
ALPN_HTTP2 |
OK
{
h2} |
ALPN |
INFO
{
http/1.1} |
cipherlist_NULL
zranitelnosti:
CWE-327
|
OK
{
not offered} |
cipherlist_aNULL
zranitelnosti:
CWE-327
|
OK
{
not offered} |
cipherlist_EXPORT
zranitelnosti:
CWE-327
|
OK
{
not offered} |
cipherlist_LOW
zranitelnosti:
CWE-327
|
OK
{
not offered} |
cipherlist_3DES_IDEA
zranitelnosti:
CWE-310
|
INFO
{
not offered} |
cipherlist_AVERAGE
zranitelnosti:
CWE-310
|
LOW
{
offered} |
cipherlist_GOOD |
INFO
{
not offered} |
cipherlist_STRONG |
OK
{
offered} |
cipher_order |
OK
{
server} |
protocol_negotiated |
OK
{
Default protocol TLS1.2} |
cipher_negotiated |
OK
{
ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)} |
cipher-tls1_2_xc030 |
OK
{
TLSv1.2 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 253 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384} |
cipher-tls1_2_xc028 |
LOW
{
TLSv1.2 xc028 ECDHE-RSA-AES256-SHA384 ECDH 253 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384} |
cipher-tls1_2_xc014 |
LOW
{
TLSv1.2 xc014 ECDHE-RSA-AES256-SHA ECDH 253 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA} |
cipher-tls1_2_x9f |
OK
{
TLSv1.2 x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384} |
cipher-tls1_2_xc0a3 |
OK
{
TLSv1.2 xc0a3 DHE-RSA-AES256-CCM8 DH 2048 AESCCM8 256 TLS_DHE_RSA_WITH_AES_256_CCM_8} |
cipher-tls1_2_xc09f |
OK
{
TLSv1.2 xc09f DHE-RSA-AES256-CCM DH 2048 AESCCM 256 TLS_DHE_RSA_WITH_AES_256_CCM} |
cipher-tls1_2_x6b |
LOW
{
TLSv1.2 x6b DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256} |
cipher-tls1_2_x39 |
LOW
{
TLSv1.2 x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA} |
cipher-tls1_2_xc02f |
OK
{
TLSv1.2 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 253 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256} |
cipher-tls1_2_xc027 |
LOW
{
TLSv1.2 xc027 ECDHE-RSA-AES128-SHA256 ECDH 253 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256} |
cipher-tls1_2_xc013 |
LOW
{
TLSv1.2 xc013 ECDHE-RSA-AES128-SHA ECDH 253 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA} |
cipher-tls1_2_x9e |
OK
{
TLSv1.2 x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256} |
cipher-tls1_2_xc0a2 |
OK
{
TLSv1.2 xc0a2 DHE-RSA-AES128-CCM8 DH 2048 AESCCM8 128 TLS_DHE_RSA_WITH_AES_128_CCM_8} |
cipher-tls1_2_xc09e |
OK
{
TLSv1.2 xc09e DHE-RSA-AES128-CCM DH 2048 AESCCM 128 TLS_DHE_RSA_WITH_AES_128_CCM} |
cipher-tls1_2_x67 |
LOW
{
TLSv1.2 x67 DHE-RSA-AES128-SHA256 DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256} |
cipher-tls1_2_x33 |
LOW
{
TLSv1.2 x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA} |
cipherorder_TLSv1_2 |
INFO
{
ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-CCM8 DHE-RSA-AES256-CCM DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-CCM8 DHE-RSA-AES128-CCM DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA} |
FS |
OK
{
offered} |
FS_ciphers |
INFO
{
ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-CCM8 DHE-RSA-AES256-CCM DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-CCM8 DHE-RSA-AES128-CCM DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA} |
FS_ECDHE_curves |
OK
{
prime256v1 secp384r1 secp521r1 X25519 X448} |
DH_groups |
OK
{
RFC3526/Oakley Group 14} |
TLS_extensions |
INFO
{
'renegotiation info/#65281' 'server name/#0' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'max fragment length/#1' 'application layer protocol negotiation/#16' 'encrypt-then-mac/#22' 'extended master secret/#23'} |
TLS_session_ticket |
INFO
{
valid for 300 seconds only (<daily)} |
SSL_sessionID_support |
INFO
{
yes} |
sessionresumption_ticket |
INFO
{
supported} |
sessionresumption_ID |
INFO
{
supported} |
TLS_timestamp |
INFO
{
random} |
cert_compression |
INFO
{
N/A} |
clientAuth |
INFO
{
none} |
cert_numbers |
INFO
{
1} |
cert_signatureAlgorithm |
OK
{
SHA256 with RSA} |
cert_keySize |
INFO
{
RSA 2048 bits (exponent is 65537)} |
cert_keyUsage |
INFO
{
Digital Signature, Key Encipherment} |
cert_extKeyUsage |
INFO
{
TLS Web Server Authentication, TLS Web Client Authentication} |
cert_serialNumber |
INFO
{
0342C8625856B3E96391B7FA3A2807E4} |
cert_serialNumberLen |
INFO
{
16} |
cert_fingerprintSHA1 |
INFO
{
5FD9640DC452CCFD6D9FAEBD3048EAC71652CDA3} |
cert_fingerprintSHA256 |
INFO
{
E5CD8DF90B164CCF079CCE23E09175E158624CBDE68B9A434993AAC7E8F4D7E5} |
cert |
INFO
{
-----BEGIN CERTIFICATE----- MIIHqjCCBZKgAwIBAgIQA0LIYlhWs+ljkbf6OigH5DANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K1JhcGlkU1NMIEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMwNzMxMDAwMDAwWhcNMjQwODI2MjM1OTU5WjAeMRwwGgYDVQQDExN2emRlbGF2 YW5pYXByYWNlLmN6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneLW 1ZWx75RRXHCGT0wQBAAnWy6hu/9G5gB7a/Ejq2UNJcfL4jbh1tETC9TfPFNzDnhp hDreOQisLvgIUe6BXbSqm07wNRh+lyqHAnxqld12PrG6WG/i5JZ/Kfnnbrc9VR5/ OVgr8A6GZDM2H6WCAWymKgBRBIVZnddHrSJ2fix9VebfHEtZJ++2tS0JvLsEokGV 8N+e2AbI6Bn77w8PvMa+oLJHvUzV+SSmaorRNCZrmCchLsdInEImUTcFmFXZtlp0 Yw4CaFwijEpxk0/NDMe0P8AlEq0xB5NRzow57A0L+U6A/U8Il86gBEjPvXpKYit+ P9ovm4bTYRuEVpxmsQIDAQABo4IDpDCCA6AwHwYDVR0jBBgwFoAU8JyF/aKffY/J aLvV1IlNHb7TkP8wHQYDVR0OBBYEFPfxSB/lBND9Z/oGT2cIAtQMhHcAMDcGA1Ud EQQwMC6CE3Z6ZGVsYXZhbmlhcHJhY2UuY3qCF3d3dy52emRlbGF2YW5pYXByYWNl LmN6MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwgZ8GA1UdHwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQuY29t L1JhcGlkU1NMR2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3JsMEigRqBE hkJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vUmFwaWRTU0xHbG9iYWxUTFNSU0E0 MDk2U0hBMjU2MjAyMkNBMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggr BgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGHBggrBgEFBQcB AQR7MHkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggr BgEFBQcwAoZFaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL1JhcGlkU1NMR2xv YmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3J0MAkGA1UdEwQCMAAwggF9Bgor BgEEAdZ5AgQCBIIBbQSCAWkBZwB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FI WUZxH7WbAAABiar5xywAAAQDAEgwRgIhANeJiiKA5sW0y/j/1wdFUHb83FkxeEeM b6I+tyHVhik6AiEA21e1Owa5Is20aW7nnxnw2mKQZ/hKuQeDwi2WrbcUlFsAdQBI sONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYmq+cbqAAAEAwBGMEQC IAWXgRghFXEf2RU3LKpkHoN2pNpjMbdIWnKFYBEMhwEpAiBxzKEXWyFAbQFqeirz FMszT+4sQ+85HQwM4+GBG4YebwB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2k PTBI1/urAAABiar5xo8AAAQDAEYwRAIgW1kioE/9/bjyExdUvGsxeAxZvZuqzJ9C AeYjz16L8AACIEdB+3uH5Sbin5EFqTTXhYyTNc1jEoKTMaVYQRTOPvZLMA0GCSqG SIb3DQEBCwUAA4ICAQBS9dlud5GKeXSWtuOaN79vPN+WAnhIW9rCSXK41T2DB4dR UAJ7JgPgkHBCCjNzVKsWC94C+FtAEpSQvbz0Z6hle2zSz65SJkbZzJNefPp8dhRl mTwLLDWLQBfplb7F4rX1nBC4pjSeYFqjitKuJfuBOAhcBtoIox4g25mjPHrQcKNJ zApwNfl71xxcSZs/2S8iBN0/yQhRibK+yqPMmg+PfK5x2gfzepO+7Et50OmuSAy+ FadQ1BdZZF09r43mIm/n8QLoAeAyf7vur0Be+Kgl1HPfqoXPv7QRuTn5ZE7VLC8O 1ewYbhTqhjsS5y4vFyuG/CCfmBJLTrnw//+8O96PhGJiPNKREmOJE0hzxJOQHmhw mTNnLAfjdmmrLKz9EJrkgpmSgoaIGwi66SI+bpK2JqNbqzRkGIqkO7nrtKasHFsG zJCCPD3h9k9RcTywglslJYsGU+Vzc6g2vnEgyKEdyaH/Phl+/jaTTy7afcBbFQYH 407oYhgsYjVJ1NC3AQbhyYhYmqfZye6lvpVyAh1A/tTSW1KT+i8TpOyopTD009ed xxi8SoOaaW0pECdSm4wK0YOAyy136uQ5pVyoZVsWDa2YQpZrpd4nwop3h5gxIlBe hTHo1pdeaCsOJ0yzu894KjYc7CUSoLakolYIOj5mkxYkLg5cVgmAZ/nfaa0WaQ== -----END CERTIFICATE-----} |
cert_commonName |
OK
{
vzdelavaniaprace.cz} |
cert_commonName_wo_SNI |
INFO
{
nidv-web-06-prod.nidv.cz} |
cert_subjectAltName |
INFO
{
vzdelavaniaprace.cz www.vzdelavaniaprace.cz} |
cert_trust |
OK
{
Ok via SAN and CN (SNI mandatory)} |
cert_chain_of_trust |
OK
{
passed.} |
cert_certificatePolicies_EV |
INFO
{
no} |
cert_expirationStatus |
OK
{
151 >= 60 days} |
cert_notBefore |
INFO
{
2023-07-31 00:00} |
cert_notAfter |
OK
{
2024-08-26 23:59} |
cert_extlifeSpan |
OK
{
certificate has no extended life time according to browser forum} |
cert_eTLS |
INFO
{
not present} |
cert_crlDistributionPoints |
INFO
{
http://crl3.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl http://crl4.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl} |
cert_ocspURL |
INFO
{
http://ocsp.digicert.com} |
OCSP_stapling |
OK
{
offered} |
cert_ocspRevoked |
OK
{
not revoked} |
cert_mustStapleExtension |
INFO
{
--} |
DNS_CAArecord |
LOW
{
--} |
certificate_transparency |
OK
{
yes (certificate extension)} |
certs_countServer |
INFO
{
2} |
certs_list_ordering_problem |
INFO
{
no} |
cert_caIssuers |
INFO
{
RapidSSL Global TLS RSA4096 SHA256 2022 CA1 (DigiCert, Inc. from US)} |
intermediate_cert <#1> |
INFO
{
-----BEGIN CERTIFICATE----- MIIFyzCCBLOgAwIBAgIQCgWbJfVLPYeUzGYxR3U4ozANBgkqhkiG9w0BAQsFADBh MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD QTAeFw0yMjA1MDQwMDAwMDBaFw0zMTExMDkyMzU5NTlaMFwxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE0MDIGA1UEAxMrUmFwaWRTU0wgR2xv YmFsIFRMUyBSU0E0MDk2IFNIQTI1NiAyMDIyIENBMTCCAiIwDQYJKoZIhvcNAQEB BQADggIPADCCAgoCggIBAKY5PJhwCX2UyBb1nelu9APen53D5+C40T+BOZfSFaB0 v0WJM3BGMsuiHZX2IHtwnjUhLL25d8tgLASaUNHCBNKKUlUGRXGztuDIeXb48d64 k7Gk7u7mMRSrj+yuLSWOKnK6OGKe9+s6oaVIjHXY+QX8p2I2S3uew0bW3BFpkeAr LBCU25iqeaoLEOGIa09DVojd3qc/RKqr4P11173R+7Ub05YYhuIcSv8e0d7qN1sO 1+lfoNMVfV9WcqPABmOasNJ+ol0hAC2PTgRLy/VZo1L0HRMr6j8cbR7q0nKwdbn4 Ar+ZMgCgCcG9zCMFsuXYl/rqobiyV+8U37dDScAebZTIF/xPEvHcmGi3xxH6g+dT CjetOjJx8sdXUHKXGXC9ka33q7EzQIYlZISF7EkbT5dZHsO2DOMVLBdP1N1oUp0/ 1f6fc8uTDduELoKBRzTTZ6OOBVHeZyFZMMdi6tA5s/jxmb74lqH1+jQ6nTU2/Mma hGNxUuJpyhUHezgBA6sto5lNeyqc+3Cr5ehFQzUuwNsJaWbDdQk1v7lqRaqOlYjn iomOl36J5txTs0wL7etCeMRfyPsmc+8HmH77IYVMUOcPJb+0gNuSmAkvf5QXbgPI Zursn/UYnP9obhNbHc/9LYdQkB7CXyX9mPexnDNO7pggNA2jpbEarLmZGi4grMmf AgMBAAGjggGCMIIBfjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTwnIX9 op99j8lou9XUiU0dvtOQ/zAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3R VTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl cnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20v RGlnaUNlcnRHbG9iYWxSb290Q0EuY3J0MEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6 Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYD VR0gBDYwNDALBglghkgBhv1sAgEwBwYFZ4EMAQEwCAYGZ4EMAQIBMAgGBmeBDAEC AjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAfjh/s1f5dDdfm0sNm74/dW MbbsxfYV1LoTpFt+3MSUWvSbiPQfUkoV57b5rutRJvnPP9mSlpFwcZ3e1nSUbi2o ITGA7RCOj23I1F4zk0YJm42qAwJIqOVenR3XtyQ2VR82qhC6xslxtNf7f2Ndx2G7 Mem4wpFhyPDT2P6UJ2MnrD+FC//ZKH5/ERo96ghz8VqNlmL5RXo8Ks9rMr/Ad9xw Y4hyRvAz5920myUffwdUqc0SvPlFnahsZg15uT5HkK48tHR0TLuLH8aRpzh4KJ/Y p0sARNb+9i1R4Fg5zPNvHs2BbIve0vkwxAy+R4727qYzl3027w9jEFC6HMXRaDc= -----END CERTIFICATE-----} |
intermediate_cert_fingerprintSHA256 <#1> |
INFO
{
92A5F515AD35D3A27C490EDB135DE7044B1E399D608AC1ABE883FC82FB4B16BE} |
intermediate_cert_notBefore <#1> |
INFO
{
2022-05-04 00:00} |
intermediate_cert_notAfter <#1> |
OK
{
2031-11-09 23:59} |
intermediate_cert_expiration <#1> |
OK
{
ok > 40 days} |
intermediate_cert_chain <#1> |
INFO
{
RapidSSL Global TLS RSA4096 SHA256 2022 CA1 <-- DigiCert Global Root CA} |
intermediate_cert_badOCSP |
OK
{
intermediate certificate(s) is/are ok} |
HTTP_status_code |
INFO
{
200 OK ('/')} |
HTTP_clock_skew |
INFO
{
-1 seconds from localtime} |
HTTP_headerTime |
INFO
{
1711660212} |
HSTS_time |
OK
{
180 days (=15552000 seconds) > 15552000 seconds} |
HSTS_subdomains |
OK
{
includes subdomains} |
HSTS_preload |
INFO
{
domain is NOT marked for preloading} |
HPKP |
INFO
{
No support for HTTP Public Key Pinning} |
banner_server |
INFO
{
Apache} |
banner_application |
INFO
{
No application banner found} |
cookie_count |
INFO
{
0 at '/'} |
X-Frame-Options |
OK
{
SAMEORIGIN} |
X-Content-Type-Options |
OK
{
nosniff} |
Upgrade |
INFO
{
h2,h2c} |
Referrer-Policy |
INFO
{
no-referrer} |
banner_reverseproxy
zranitelnosti:
CWE-200
|
INFO
{
--} |
heartbleed
zranitelnosti:
CVE-2014-0160
CWE-119
|
OK
{
not vulnerable, no heartbeat extension} |
CCS
zranitelnosti:
CVE-2014-0224
CWE-310
|
OK
{
not vulnerable} |
ticketbleed
zranitelnosti:
CVE-2016-9244
CWE-200
|
OK
{
not vulnerable} |
ROBOT |
OK
{
not vulnerable, no RSA key transport cipher} |
secure_renego
zranitelnosti:
CWE-310
|
OK
{
supported} |
secure_client_renego
zranitelnosti:
CVE-2011-1473
CWE-310
|
OK
{
not vulnerable} |
CRIME_TLS
zranitelnosti:
CVE-2012-4929
CWE-310
|
OK
{
not vulnerable} |
BREACH
zranitelnosti:
CVE-2013-3587
CWE-310
|
MEDIUM
{
potentially VULNERABLE, gzip HTTP compression detected - only supplied '/' tested} |
POODLE_SSL
zranitelnosti:
CVE-2014-3566
CWE-310
|
OK
{
not vulnerable, no SSLv3} |
fallback_SCSV |
OK
{
no protocol below TLS 1.2 offered} |
SWEET32 |
OK
{
not vulnerable} |
FREAK
zranitelnosti:
CVE-2015-0204
CWE-310
|
OK
{
not vulnerable} |
DROWN |
OK
{
not vulnerable on this host and port} |
DROWN_hint |
INFO
{
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=E5CD8DF90B164CCF079CCE23E09175E158624CBDE68B9A434993AAC7E8F4D7E5} |
LOGJAM-common_primes
zranitelnosti:
CVE-2015-4000
CWE-310
|
INFO
{
RFC3526/Oakley Group 14} |
LOGJAM
zranitelnosti:
CVE-2015-4000
CWE-310
|
OK
{
not vulnerable, no DH EXPORT ciphers,} |
BEAST
zranitelnosti:
CVE-2011-3389
CWE-20
|
OK
{
not vulnerable, no SSL3 or TLS1} |
LUCKY13
zranitelnosti:
CVE-2013-0169
CWE-310
|
LOW
{
potentially vulnerable, uses TLS CBC ciphers} |
winshock
zranitelnosti:
CVE-2014-6321
CWE-94
|
OK
{
not vulnerable} |
RC4 |
OK
{
not vulnerable} |
clientsimulation-android_442 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-android_500 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-SHA} |
clientsimulation-android_60 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-SHA} |
clientsimulation-android_70 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-android_81 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-android_90 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-android_X |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-chrome_74_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-chrome_79_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-firefox_66_win81 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-firefox_71_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-ie_6_xp |
INFO
{
No connection} |
clientsimulation-ie_8_win7 |
INFO
{
No connection} |
clientsimulation-ie_8_xp |
INFO
{
No connection} |
clientsimulation-ie_11_win7 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-SHA384} |
clientsimulation-ie_11_win81 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-SHA384} |
clientsimulation-ie_11_winphone81 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-SHA} |
clientsimulation-ie_11_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-edge_15_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-edge_17_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-opera_66_win10 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-safari_9_ios9 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-safari_9_osx1011 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-safari_10_osx1012 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-safari_121_ios_122 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-safari_130_osx_10146 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-apple_ats_9_ios9 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-java_6u45 |
INFO
{
No connection} |
clientsimulation-java_7u25 |
INFO
{
No connection} |
clientsimulation-java_8u161 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-java1102 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-java1201 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-openssl_102e |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-openssl_110l |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-openssl_111d |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
clientsimulation-thunderbird_68_3_1 |
INFO
{
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384} |
rating_spec |
INFO
{
SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)} |
rating_doc |
INFO
{
https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide} |
protocol_support_score |
INFO
{
100} |
protocol_support_score_weighted |
INFO
{
30} |
key_exchange_score |
INFO
{
90} |
key_exchange_score_weighted |
INFO
{
27} |
cipher_strength_score |
INFO
{
90} |
cipher_strength_score_weighted |
INFO
{
36} |
final_score |
INFO
{
93} |
overall_grade |
OK
{
A+} |
scanTime |
INFO
{
100} |