Přihlásit se Registrace
Smlouvy Dotace Platy Úřady Zakázky Sponzoři & firmy PastVina 
❤ Podpořte nás Přihlásit se Registrace
Hledat v Hlídači státu
Nápověda jak vyhledávat Snadné hledání
  1. Hlídač Státu
  2. Hlídač Webů
  3. Detailní analýza HTTPs pro Informační systém odpadového hospodářství (ISOH)

Hlídač Informační systém odpadového hospodářství (ISOH) Detailní analýza HTTPs pro Informační systém odpadového hospodářství (ISOH)

Informační systém odpadového hospodářství (ISOH)
https://isoh.mzp.cz

Ministerstvo životního prostředí

Zabezpečení komunikace

A+
Certifikát expiruje za 62 dní.

Výsledek analýzy HTTPS na isoh.mzp.cz ze dne 25.05.2026

Všechno je v nejlepším pořádku a web se drží doporučených postupů.

Detailní analýza

Detailní report z HTTPs analýzy pomocí nástroje testssl.sh

server isoh.mzp.cz/193.84.245.15
pre_128cipher INFO { 
No 128 cipher limit bug
}
SSLv2 OK { 
not offered
}
SSLv3 OK { 
not offered
}
TLS1 INFO { 
not offered
}
TLS1_1 INFO { 
not offered
}
TLS1_2 OK { 
offered
}
TLS1_3 OK { 
offered with final
}
NPN INFO { 
not offered
}
ALPN_HTTP2 OK { 
h2
}
ALPN INFO { 
http/1.1
}
cipherlist_NULL
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_aNULL
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_EXPORT
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_LOW
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_3DES_IDEA
zranitelnosti: CWE-310
INFO { 
not offered
}
cipherlist_AVERAGE
zranitelnosti: CWE-310
INFO { 
not offered
}
cipherlist_GOOD INFO { 
not offered
}
cipherlist_STRONG OK { 
offered
}
cipher_order OK { 
server
}
protocol_negotiated OK { 
Default protocol TLS1.3
}
cipher_negotiated OK { 
TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)
}
cipher-tls1_2_xc02f OK { 
TLSv1.2   xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 253   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
}
cipher-tls1_2_xc030 OK { 
TLSv1.2   xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 253   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
}
cipher-tls1_2_xcca8 OK { 
TLSv1.2   xcca8   ECDHE-RSA-CHACHA20-POLY1305       ECDH 253   ChaCha20    256      TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
}
cipher-tls1_2_x9e OK { 
TLSv1.2   x9e     DHE-RSA-AES128-GCM-SHA256         DH 4096    AESGCM      128      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
}
cipher-tls1_2_x9f OK { 
TLSv1.2   x9f     DHE-RSA-AES256-GCM-SHA384         DH 4096    AESGCM      256      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
}
cipherorder_TLSv1_2 INFO { 
ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384
}
prioritize_chacha_TLSv1_2 INFO { 
true
}
cipher-tls1_3_x1302 OK { 
TLSv1.3   x1302   TLS_AES_256_GCM_SHA384            ECDH 253   AESGCM      256      TLS_AES_256_GCM_SHA384
}
cipher-tls1_3_x1303 OK { 
TLSv1.3   x1303   TLS_CHACHA20_POLY1305_SHA256      ECDH 253   ChaCha20    256      TLS_CHACHA20_POLY1305_SHA256
}
cipher-tls1_3_x1301 OK { 
TLSv1.3   x1301   TLS_AES_128_GCM_SHA256            ECDH 253   AESGCM      128      TLS_AES_128_GCM_SHA256
}
cipherorder_TLSv1_3 INFO { 
TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256
}
prioritize_chacha_TLSv1_3 INFO { 
true
}
FS OK { 
offered
}
FS_ciphers INFO { 
TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256
}
FS_ECDHE_curves OK { 
prime256v1 secp384r1 secp521r1 X25519 X448
}
DH_groups OK { 
ffdhe2048 ffdhe3072 ffdhe4096 ffdhe6144 ffdhe8192
}
TLS_extensions INFO { 
'renegotiation info/#65281' 'server name/#0' 'EC point formats/#11' 'supported versions/#43' 'key share/#51' 'supported_groups/#10' 'max fragment length/#1' 'application layer protocol negotiation/#16' 'extended master secret/#23'
}
TLS_session_ticket INFO { 
no -- no lifetime advertised
}
SSL_sessionID_support INFO { 
yes
}
sessionresumption_ticket INFO { 
not supported
}
sessionresumption_ID INFO { 
supported
}
TLS_timestamp INFO { 
random
}
certificate_compression INFO { 
none
}
clientAuth INFO { 
none
}
cert_numbers INFO { 
1
}
cert_signatureAlgorithm OK { 
SHA256 with RSA
}
cert_keySize OK { 
RSA 4096 bits (exponent is 65537)
}
cert_keyUsage INFO { 
Digital Signature, Key Encipherment
}
cert_extKeyUsage INFO { 
TLS Web Server Authentication, TLS Web Client Authentication
}
cert_serialNumber INFO { 
25F0251B21D105F2B22DCE4AFC6CF7D3
}
cert_serialNumberLen INFO { 
16
}
cert_fingerprintSHA1 INFO { 
332CBC92A0DC4833E6AD8EDB9321639DC87B7A7A
}
cert_fingerprintSHA256 INFO { 
05EFE65A009AB171EF3A93DD030F1536DB1284EA3085650FEB702784E3B056B9
}
cert INFO { 
-----BEGIN CERTIFICATE----- MIIHJDCCBYygAwIBAgIQJfAlGyHRBfKyLc5K/Gz30zANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJDWjEWMBQGA1UEChMNQWxwaXJvIHMuci5vLjEfMB0GA1UEAxMW QWxwaXJvIFJTQSBEViBTU0wgQ0EgMjAeFw0yNTA2MjYwMDAwMDBaFw0yNjA3Mjcy MzU5NTlaMBExDzANBgNVBAMTBm16cC5jejCCAiIwDQYJKoZIhvcNAQEBBQADggIP ADCCAgoCggIBAMt9dekYAmbHk0Q8UCRv9C2Lx/PBytG8htAzBXhuvyRs1EOGro9i 6J7dkNLiQMTppsv1/6Om72qHLTU7QT0InxBvROz8g68vggmAhvq6ji7cPjiZ7e2E 8PqRhYhJRuOhCYVeNTnYSvD3sn9iJoj5m5vts2S/9B51Moay/OLOXM0TZQk1WNGv RFcm9AUY0W6Xb4kwfu1mUhdaNPpEgkmE5g2kIY2+RVrjs7aCFHB0YYKK4Z6XMhfm qnZsY4qPjFCn2wx7owbFGcqGikMZ11jwUlmP9xjbf8Bd36E5Z6prWuS2U5WID/MC 15ZMgTjM+06kY/H3GqAWo8luB5wK+1+aPFWY8PFO1H8d7t92fg6AOgexDf/BPIbH 7SF1m/nFAqKVS+rU2rxtKU2Ipw3WNjMsqxvBFiUG9pRqlN5Y13spCR4RCAwnFctc 4wgkqH3jgwYt9Eqfcuf7ywqhQgCoaLR2ousFgXmzuih57BThTEw5T+h+ynCecF0m I3vdnIFw7KFBhoIBVkA+/upq4BUNf6QLbQZHrtd9EHU6aRJJFQpLVdNJhzdP/PB+ ohbmLq3R+GL0Gf4scW1Binn3+U0t1oxyghOjIlA/X4UNC8GCeAAjeqVU95C2pnrw wuOu7zanmc6cmn0+rg81mn8fG7gPtNXwy9OTPZUOw3rYC/mqJAIQUsynAgMBAAGj ggLBMIICvTAfBgNVHSMEGDAWgBR1CNT4yIybtYpS46aNIt7KR4u2fTAdBgNVHQ4E FgQUYFqtowsl+oMFd0yyG2U091O4hb4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB /wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBMGA1UdIAQMMAow CAYGZ4EMAQIBMG0GCCsGAQUFBwEBBGEwXzA4BggrBgEFBQcwAoYsaHR0cDovL2Ny dC5zZWN0aWdvLmNvbS9BbHBpcm9SU0FEVlNTTENBMi5jcnQwIwYIKwYBBQUHMAGG F2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFq AWgAdgDYCVU7lE96/8gWGW+UT4WrsPj8XodVJg8V0S5yu0VLFAAAAZetIESYAAAE AwBHMEUCICTlbcjsokKCR7Ay7zupCeZjPh/noOaOtSWUwBwYmWsyAiEAmust+HHE YpLVnSqLw1cFENeAC/tzThRalrgOBnCOkU4AdgCsqzBwbOvshDH0E9L0kV8RHkIk Q7HypoxPPCs7px4CwwAAAZetIESAAAAEAwBHMEUCIHMKY1+fAme5disQu+HhQxqr 9Dl6I7Zd6HaG/lLHtLETAiEA5b3vITA8XkjqCFuawlvh9es7yGBTDmttmS1ujjru YJkAdgDXbX0Q0af1d8LH6V/XAL/5gskzWmXh0LMBcxfAyMVpdwAAAZetIERLAAAE AwBHMEUCIQCZAPgkuV/aU+TFOO1sS6PE7taGPaAbIyliW+DQxx/PiAIgRdl6DZNJ rpEEhFG8bbcTusX9v8urNh9hZUYHdvqZDiowOAYDVR0RBDEwL4IGbXpwLmN6ggsq LmFkLm16cC5jeoIIKi5tenAuY3qCDioudnJhdGEubXpwLmN6MA0GCSqGSIb3DQEB CwUAA4IBgQBqSDNNDnuUN4moHUDPliivfQag2hG1uAlPuzGmdd5RdJuStF2e/paO HZ/W9gQdoKuUlZ+AeAI8bLhzj7ZMRgwBZB2CeWfZuo53XAWkeOWeQGxseN3szwPG dqKPxkcxgYW1+fdlhywM5PZrnzyaXfsM237g0LrS1sM5pqVfblCvM4f/83bFEeFM J7cCOEegcTiZTi5RA+aVFCseSUU/1O6mobj2WTKef8hCVPwT36wnl0ObKip2lznQ TNWgFQ+vjzxBBU9jkoi1LmEAilY+VMgsFryGFl4kHkm6ShWS0iB/X2U0c/lLfhGF hjpCLA5YVhFNxvb/6M0ujE0PUFQmz9wUqFEha8mG8AlI971NOJ43vODMpSRbFDb6 AKIXcfGPncoKo7xHSD+rWpImjyYXnv+21uol2QHyLud6GsY3ing1OmOpBlSNNZdE QVaHDB00BNN/bjqVpDw4Yj3HbW3JnhQ5fMdnlDU62LNsHMLtqxvFp5j7p5hhdqpD ybY/roEAZbw= -----END CERTIFICATE-----
}
cert_commonName OK { 
mzp.cz
}
cert_commonName_wo_SNI INFO { 
request w/o SNI didn't succeed
}
cert_subjectAltName INFO { 
mzp.cz *.ad.mzp.cz *.mzp.cz *.vrata.mzp.cz
}
cert_trust OK { 
Ok via SAN wildcard (SNI mandatory)
}
cert_chain_of_trust OK { 
passed.
}
cert_certificatePolicies_EV INFO { 
no
}
cert_expirationStatus OK { 
63 >= 60 days
}
cert_notBefore INFO { 
2025-06-26 00:00
}
cert_notAfter OK { 
2026-07-27 23:59
}
cert_extlifeSpan OK { 
certificate has no extended life time according to browser forum
}
cert_eTLS INFO { 
not present
}
cert_crlDistributionPoints INFO { 
--
}
cert_ocspURL INFO { 
http://ocsp.sectigo.com
}
OCSP_stapling LOW { 
not offered
}
cert_mustStapleExtension INFO { 
--
}
DNS_CAArecord OK { 
issue=digicert.com, issue=letsencrypt.org, issue=trust-provider.com
}
certificate_transparency OK { 
yes (certificate extension)
}
certs_countServer INFO { 
4
}
certs_list_ordering_problem INFO { 
no
}
cert_caIssuers INFO { 
Alpiro RSA DV SSL CA 2 (Alpiro s.r.o. from CZ)
}
intermediate_cert <#1> INFO { 
-----BEGIN CERTIFICATE----- MIIGITCCBAmgAwIBAgIRAKZyV9GJog2rQ/Aa84oDN+AwDQYJKoZIhvcNAQEMBQAw XzELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE2MDQGA1UE AxMtU2VjdGlnbyBQdWJsaWMgU2VydmVyIEF1dGhlbnRpY2F0aW9uIFJvb3QgUjQ2 MB4XDTI1MDMyNzAwMDAwMFoXDTM1MDMyNjIzNTk1OVowRjELMAkGA1UEBhMCQ1ox FjAUBgNVBAoTDUFscGlybyBzLnIuby4xHzAdBgNVBAMTFkFscGlybyBSU0EgRFYg U1NMIENBIDIwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDUx47MPW7Y BVt2znX2Y8FbnYTLLajF9b4WYVcBK3IojDSeNONXkVvjMIi4koo570V4DBlrhugp XKB6YFj4X9zJ25vXNOG5KckxIwXEHAQCgxm2yE04abViDCIMIrQvJO04dCgfrqwE kdyGxyOT0Mt2YHUGeBUlsUg3Pnp8fuVc9bCk6CsPkQ/WdaRWnHP5uOG7VQBXpa58 ZIQYAmJTh4AwLGGRT3mnMlvXDICDJP6SiHISGzYEmq2Z/WdQuKP3G9z4tHOKcjo6 AGNCRs+pDaFyqLHZjc9w/ksrypUh6XYA4xGsmReRFYOppVVdj77O2w9b1tAucpe6 p1GFXAYcHwtEkEznV+skxFG3VCn96gK0AMiSfvF2kOSok8g+0n4eFOnyz4U7hM3n JLIh3dxJeax3IAZb/FLJHxMu+0Bb/6LIFv7kRmM3YMIWY9fQAZ3qwVBA1OQjmDNs ZqQ4Bcjuf7b6462ingkX2LscilNBPmQl3iRVflzvc+uPYblwd249uPkCAwEAAaOC AW8wggFrMB8GA1UdIwQYMBaAFFZzWGSV+ZIasBIqBGJ5oUAViCFJMB0GA1UdDgQW BBR1CNT4yIybtYpS46aNIt7KR4u2fTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/ BAgwBgEB/wIBADATBgNVHSUEDDAKBggrBgEFBQcDATATBgNVHSAEDDAKMAgGBmeB DAECATBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vY3JsLnNlY3RpZ28uY29tL1Nl Y3RpZ29QdWJsaWNTZXJ2ZXJBdXRoZW50aWNhdGlvblJvb3RSNDYuY3JsMIGEBggr BgEFBQcBAQR4MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGlnby5jb20v U2VjdGlnb1B1YmxpY1NlcnZlckF1dGhlbnRpY2F0aW9uUm9vdFI0Ni5wN2MwIwYI KwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMA0GCSqGSIb3DQEBDAUA A4ICAQBQPX41avzHSSAVaFJPCr6GLxgeqj5XSl5GflqEZYnUMi11ZFb5R0DBEHIE ec/Og7pgUi3ehKt1OZ4hbjhrkhdNqYY260Go4Jf5XxmVLSHz1k1A6q+biCLo2eh1 w8/TeTLus4opPh7VQHzYAYvHopiaof/QPoJlZFGvquzlnSA94Ffukse1fV+c3Xhz niz3wcf/bkTETz3C3cq2/0GJi0SIIoYMVbL0bLrZvO4REvYKk9dfozMBijIo1NDd sYQR79DplE3jzycMcGoVsJa2FFRF9N9qCkmFQ4x5BjRYR0NcJXqupV/aFU80ud39 H0ZZOHNAQryjw+3YTK2gh6YT1iklUbtX2hNL4PwSnu0LPipyzK9smCY9P6BlSOd+ gj6pUW/7d7I6hBnwpyk+/iZNFH4ViOMrmOJGiY5lJbH6TOP9e/FbiK51NTK4NPoE RvxyaKDpbIfZgi7AZGmAG3vQW2h+kugixbhK7z7qTkKOG9JTuHV7Px/xqIB6Wgse ddqZCVdZQamPCMtwdtZe7zG9Y7F8VBH5/78hsI7yqn3MRH1JPhlOrth17fyxR+dK iLg2lctsv/v2MpDcR/rhASt3TUbTDjT/VnS9/+xPoxl352FHBnME4D7puZWCt+d1 OING0BUMXPhKecUb3wu27AtmJ06Cfuinj3ifnqfqP4xh5ZFEWQ== -----END CERTIFICATE-----
}
intermediate_cert_fingerprintSHA256 <#1> INFO { 
CDFBB47882818B694AAD818CD8040DD11050197F51DDBF3C2EB09812E4A25DF5
}
intermediate_cert_notBefore <#1> INFO { 
2025-03-27 00:00
}
intermediate_cert_notAfter <#1> OK { 
2035-03-26 23:59
}
intermediate_cert_expiration <#1> OK { 
ok > 40 days
}
intermediate_cert_chain <#1> INFO { 
Alpiro RSA DV SSL CA 2 <-- Sectigo Public Server Authentication Root R46
}
intermediate_cert <#2> INFO { 
-----BEGIN CERTIFICATE----- MIIGlTCCBH2gAwIBAgIRANJ/u8HeNZ5SFq1hSVhgmcQwDQYJKoZIhvcNAQEMBQAw gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIx MDMyMjAwMDAwMFoXDTM4MDExODIzNTk1OVowXzELMAkGA1UEBhMCR0IxGDAWBgNV BAoTD1NlY3RpZ28gTGltaXRlZDE2MDQGA1UEAxMtU2VjdGlnbyBQdWJsaWMgU2Vy dmVyIEF1dGhlbnRpY2F0aW9uIFJvb3QgUjQ2MIICIjANBgkqhkiG9w0BAQEFAAOC Ag8AMIICCgKCAgEAk77VNlJ12AEjoBxHQknuY7a3If3EldVIKyZ8FFMQ2nn9K7ct pNQs+uoy3UnCub0PSD17WphUr55dMXRPB/xQId2kz2hPGxJjbSWZTCqZ80gwYfqB fB6nCErcPiscHxhMcao1jK34bug7StnllALWiYQTqm3ITzPMUJY3kjPcX4jnn1TZ SPCYQ9Zm/Z8XOEPFAVEL1+MjDxRdWxTnS77d9MjaAzfR1jmhIVEwg7Bt1zBOlluR 8HAkq79FgWRDDb0hOi886Z4NyyC1QifM2m+b7mQwkDnNk2WBITG1I1AzNyLjOO34 MTDMRf5i+dFdMnlCh99qzFYZQE3Oqrv5tXZJlPEn+JGlg+UGs2MOgNzgElWApjtm tDmHLcjw0NEU6eQNTQ72XVdyxTscR1ad4tX7gWGMzE2AkDRbt9cUddzYBEifwMEo iLTpHMqnsfFWt3tJTFnlIBWohAIp+jiUaZpJBo/NH3kUFxIMg3reH7GX7vmXeCik yESS6X0mBaZYcpt5E9gRX67FOGI0aLKGMI74kGGeMmz1BzbNokxu7Io27fLmmRVE cMN8vJw5wLTha/eDJSNX2RKA5UnwdQ/vjescm1QotCE8/HwK/+97a3X/ix2gGQWr +vgrgULoOLq7+6r9PeDzyt9Ol5cp7fMYVumllqy9w5CYsuD5otSmR0N8bc8CAwEA AaOCASAwggEcMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1Ud DgQWBBRWc1hklfmSGrASKgRieaFAFYghSTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0T AQH/BAUwAwEB/zAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEQYDVR0g BAowCDAGBgRVHSAAMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy dXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDA1 BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVz dC5jb20wDQYJKoZIhvcNAQEMBQADggIBADpvBIlq7bMU0cFDT/9P9+BsgCkRgQs0 S6Bf7vJSlWMHwby0VGvxCS0hrbi0K2BINZbEbsVsgpQq04431yyoVn3Hldorgq24 RldRDOOipEZDTFB9wC9HYt1thHF00XeG2C8KC1plwoEzKAIhPvefI/C3cT0CfTXJ uFjUbKIgSwjNjw6YHtLgoy/hd5+JLUlLco/gzFX/qWbT7tEquOMYpsNKWZj8TLqP q6zMiG4Na6feEZte6YPXGrMWlTWN341vDedc+yxQqSug79HJUQcOZs7KyDWztmae QxsPE49UV/8XwrfZtZaYyrs4FpD94Z4Q8dzXGL8+qEJjxgcza7W6PROaClubavd1 VKPm8+aCW77u7SxpR2TFGL6kPdxsKyFijpcunR5V79sUyROfNdzjrAcFWZXK8sbb 9FlnwuVG677JLv+ZVTX5AxLvW5OB4zt5uS+zB62wJ/Wv+jXGAttSAcJec4iFgCWH Rvdi/jJoSzRLa3nEzx6pFIzclSCnh0u1xCeLcUBypSiPga8W+6PkuoyQq8U9qs9E oxG5NvrvlyshwUS9yvcZRGw7Ljlx4jJH/BhIPR8kIBCQj1vna9TziZOrw1Of8hDU bHKFG9Pm8Dp2vbjz/2JH39qvxshPKVllGfq+5klPm7yZRUYTiCMAbqwNdL/nsqF2 Rnnyp58XRStJ -----END CERTIFICATE-----
}
intermediate_cert_fingerprintSHA256 <#2> INFO { 
92F351BF3D54164DFA8DD8F9E1139D3150349786485D2B9EECD00E2971C1E6C5
}
intermediate_cert_notBefore <#2> INFO { 
2021-03-22 00:00
}
intermediate_cert_notAfter <#2> OK { 
2038-01-18 23:59
}
intermediate_cert_expiration <#2> OK { 
ok > 40 days
}
intermediate_cert_chain <#2> INFO { 
Sectigo Public Server Authentication Root R46 <-- USERTrust RSA Certification Authority
}
intermediate_cert <#3> INFO { 
-----BEGIN CERTIFICATE----- MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B 3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT 79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs 8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG jjxDah2nGN59PRbxYvnKkKj9 -----END CERTIFICATE-----
}
intermediate_cert_fingerprintSHA256 <#3> INFO { 
E793C9B02FD8AA13E21C31228ACCB08119643B749C898964B1746D46C3D4CBD2
}
intermediate_cert_notBefore <#3> INFO { 
2010-02-01 00:00
}
intermediate_cert_notAfter <#3> OK { 
2038-01-18 23:59
}
intermediate_cert_expiration <#3> OK { 
ok > 40 days
}
intermediate_cert_chain <#3> INFO { 
USERTrust RSA Certification Authority <-- USERTrust RSA Certification Authority
}
intermediate_cert_badOCSP OK { 
intermediate certificate(s) is/are ok
}
heartbleed
zranitelnosti: CVE-2014-0160 CWE-119
OK { 
not vulnerable, no heartbeat extension
}
CCS
zranitelnosti: CVE-2014-0224 CWE-310
OK { 
not vulnerable
}
ticketbleed
zranitelnosti: CVE-2016-9244 CWE-200
INFO { 
not applicable, not HTTP
}
ROBOT
zranitelnosti: CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168 CWE-203
OK { 
not vulnerable, no RSA key transport cipher
}
secure_renego
zranitelnosti: CWE-310
WARN { 
OpenSSL handshake didn't succeed
}
secure_client_renego
zranitelnosti: CVE-2011-1473 CWE-310
OK { 
not vulnerable
}
CRIME_TLS
zranitelnosti: CVE-2012-4929 CWE-310
OK { 
not vulnerable (not using HTTP anyway)
}
POODLE_SSL
zranitelnosti: CVE-2014-3566 CWE-310
OK { 
not vulnerable, no SSLv3
}
fallback_SCSV OK { 
no protocol below TLS 1.2 offered
}
SWEET32
zranitelnosti: CVE-2016-2183 CVE-2016-6329 CWE-327
OK { 
not vulnerable
}
FREAK
zranitelnosti: CVE-2015-0204 CWE-310
OK { 
not vulnerable
}
DROWN
zranitelnosti: CVE-2016-0800 CVE-2016-0703 CWE-310
OK { 
not vulnerable on this host and port
}
DROWN_hint
zranitelnosti: CVE-2016-0800 CVE-2016-0703 CWE-310
INFO { 
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=05EFE65A009AB171EF3A93DD030F1536DB1284EA3085650FEB702784E3B056B9
}
LOGJAM-common_primes
zranitelnosti: CVE-2015-4000 CWE-310
INFO { 
RFC7919/ffdhe4096
}
LOGJAM
zranitelnosti: CVE-2015-4000 CWE-310
OK { 
not vulnerable, no DH EXPORT ciphers,
}
BEAST
zranitelnosti: CVE-2011-3389 CWE-20
OK { 
not vulnerable, no SSL3 or TLS1
}
LUCKY13
zranitelnosti: CVE-2013-0169 CWE-310
OK { 
not vulnerable
}
winshock
zranitelnosti: CVE-2014-6321 CWE-94
OK { 
not vulnerable
}
RC4
zranitelnosti: CVE-2013-2566 CVE-2015-2808 CWE-310
OK { 
not vulnerable
}
clientsimulation-android_442 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_500 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_60 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_70 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_81 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_90 INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-android_X INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-chrome_74_win10 INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-chrome_79_win10 INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-firefox_66_win81 INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-firefox_71_win10 INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-ie_6_xp INFO { 
No connection
}
clientsimulation-ie_8_win7 INFO { 
No connection
}
clientsimulation-ie_8_xp INFO { 
No connection
}
clientsimulation-ie_11_win7 INFO { 
TLSv1.2 DHE-RSA-AES128-GCM-SHA256
}
clientsimulation-ie_11_win81 INFO { 
TLSv1.2 DHE-RSA-AES128-GCM-SHA256
}
clientsimulation-ie_11_winphone81 INFO { 
No connection
}
clientsimulation-ie_11_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-edge_15_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-edge_17_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-opera_66_win10 INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-safari_9_ios9 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-safari_9_osx1011 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-safari_10_osx1012 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-safari_121_ios_122 INFO { 
TLSv1.3 TLS_CHACHA20_POLY1305_SHA256
}
clientsimulation-safari_130_osx_10146 INFO { 
TLSv1.3 TLS_CHACHA20_POLY1305_SHA256
}
clientsimulation-apple_ats_9_ios9 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-java_6u45 INFO { 
No connection
}
clientsimulation-java_7u25 INFO { 
No connection
}
clientsimulation-java_8u161 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-java1102 INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-java1201 INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-openssl_102e INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-openssl_110l INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-openssl_111d INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-thunderbird_68_3_1 INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
rating_spec INFO { 
SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)
}
rating_doc INFO { 
https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide
}
protocol_support_score INFO { 
100
}
protocol_support_score_weighted INFO { 
30
}
key_exchange_score INFO { 
100
}
key_exchange_score_weighted INFO { 
30
}
cipher_strength_score INFO { 
90
}
cipher_strength_score_weighted INFO { 
36
}
final_score INFO { 
96
}
overall_grade OK { 
A+
}
scanTime INFO { 
94
}