Ministerstvo financí sdílení obsahu informací spravovaných Policií ČR k lokalizaci trestních a správních deliktů (skutků) s veřejností se subjekty samosprávy na území ČR. Aplikace tak sdružuje na jednom místě informace k výskytu deliktů kriminality evidovaných Policií ČR tak, aby nedošlo k porušení ochrany osobních údajů poškozených, jejich sekundární viktimizaci a dále k porušení ochrany osobních údajů osob podezřelých ze spáchání deliktu.
Všechno je v nejlepším pořádku a web se drží doporučených postupů.
Detailní report z HTTPs analýzy pomocí nástroje testssl.sh
server | kriminalita.policie.cz/94.199.44.183 |
pre_128cipher |
INFO
{
No 128 cipher limit bug} |
SSLv2 |
OK
{
not offered} |
SSLv3 |
OK
{
not offered} |
TLS1 |
INFO
{
not offered} |
TLS1_1 |
INFO
{
not offered} |
TLS1_2 |
OK
{
offered} |
TLS1_3 |
OK
{
offered with final} |
NPN |
INFO
{
not offered} |
ALPN_HTTP2 |
OK
{
h2} |
ALPN |
INFO
{
http/1.1} |
cipherlist_NULL
zranitelnosti:
CWE-327
|
OK
{
not offered} |
cipherlist_aNULL
zranitelnosti:
CWE-327
|
OK
{
not offered} |
cipherlist_EXPORT
zranitelnosti:
CWE-327
|
OK
{
not offered} |
cipherlist_LOW
zranitelnosti:
CWE-327
|
OK
{
not offered} |
cipherlist_3DES_IDEA
zranitelnosti:
CWE-310
|
INFO
{
not offered} |
cipherlist_AVERAGE
zranitelnosti:
CWE-310
|
INFO
{
not offered} |
cipherlist_GOOD |
INFO
{
not offered} |
cipherlist_STRONG |
OK
{
offered} |
cipher_order |
OK
{
server} |
protocol_negotiated |
OK
{
Default protocol TLS1.3} |
cipher_negotiated |
OK
{
TLS_AES_256_GCM_SHA384, 256 bit ECDH (P-256)} |
cipher-tls1_2_xc02b |
OK
{
TLSv1.2 xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256} |
cipher-tls1_2_xc02c |
OK
{
TLSv1.2 xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384} |
cipher-tls1_2_xcca9 |
OK
{
TLSv1.2 xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 256 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256} |
cipher-tls1_2_xc030 |
OK
{
TLSv1.2 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384} |
cipher-tls1_2_xc02f |
OK
{
TLSv1.2 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256} |
cipherorder_TLSv1_2 |
INFO
{
ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256} |
prioritize_chacha_TLSv1_2 |
INFO
{
false} |
cipher-tls1_3_x1302 |
OK
{
TLSv1.3 x1302 TLS_AES_256_GCM_SHA384 ECDH 256 AESGCM 256 TLS_AES_256_GCM_SHA384} |
cipher-tls1_3_x1303 |
OK
{
TLSv1.3 x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 256 ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256} |
cipher-tls1_3_x1301 |
OK
{
TLSv1.3 x1301 TLS_AES_128_GCM_SHA256 ECDH 256 AESGCM 128 TLS_AES_128_GCM_SHA256} |
cipherorder_TLSv1_3 |
INFO
{
TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256} |
prioritize_chacha_TLSv1_3 |
INFO
{
false} |
FS |
OK
{
offered} |
FS_ciphers |
INFO
{
TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-GCM-SHA256} |
FS_ECDHE_curves |
OK
{
prime256v1 secp384r1 X25519} |
TLS_extensions |
INFO
{
'renegotiation info/#65281' 'EC point formats/#11' 'key share/#51' 'supported versions/#43' 'application layer protocol negotiation/#16' 'extended master secret/#23'} |
TLS_session_ticket |
INFO
{
no -- no lifetime advertised} |
SSL_sessionID_support |
INFO
{
yes} |
sessionresumption_ticket |
INFO
{
not supported} |
sessionresumption_ID |
INFO
{
supported} |
TLS_timestamp |
INFO
{
random} |
certificate_compression |
INFO
{
none} |
clientAuth |
INFO
{
none} |
cert_numbers |
INFO
{
2} |
cert_signatureAlgorithm <hostCert#1> |
OK
{
SHA256 with RSA} |
cert_keySize <hostCert#1> |
OK
{
RSA 4096 bits (exponent is 65537)} |
cert_keyUsage <hostCert#1> |
INFO
{
Digital Signature, Key Encipherment} |
cert_extKeyUsage <hostCert#1> |
INFO
{
TLS Web Server Authentication, TLS Web Client Authentication} |
cert_serialNumber <hostCert#1> |
INFO
{
C02F94375821043D9D89FE4C3059F5AA} |
cert_serialNumberLen <hostCert#1> |
INFO
{
16} |
cert_fingerprintSHA1 <hostCert#1> |
INFO
{
DD828B82EFCE7E52E59148020E841F1DA7D37822} |
cert_fingerprintSHA256 <hostCert#1> |
INFO
{
7EC46493CF523AF853BEE1752A73DBAD4249FE5C4257CADCE9FA4C9030701898} |
cert <hostCert#1> |
INFO
{
-----BEGIN CERTIFICATE----- MIIH7zCCBtegAwIBAgIRAMAvlDdYIQQ9nYn+TDBZ9aowDQYJKoZIhvcNAQELBQAw gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0yMzA3MDQwMDAwMDBaFw0yNDA4MDMyMzU5NTlaMHIxCzAJBgNV BAYTAkNaMR4wHAYDVQQIDBVQcmFoYSwgSGxhdm7DrSBtxJtzdG8xLDAqBgNVBAoT I1BPTElDRUpOSSBQUkVaSURJVU0gQ0VTS0UgUkVQVUJMSUtZMRUwEwYDVQQDDAwq LnBvbGljaWUuY3owggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDGrkQk hiATmeHZ0XptGRZ5tWmJ2IZ+tc0jioUH/aQ4c/yT7rakXf5srZh5MeYzdRsOAKp+ baR0+wNN1o49a4z9OKDW2oLUl6TjBhFuOACJUy012p0+4JEiGj9Nj9IECP0YklUs /xfUg90VEtHSnOjJorcBK2JfZX1/kv7hE6bWInAozb10VV2BgaEETBpo4400opsW 9tBKViy9XLf0yTXSI0B9qiYrWwONDwYxptDXEUSfZH+YLLF3bWGKjwFv+C5D2NiB L+BrHHCFn4jSifCF8n/1g/NVpGX59x2P4jnrvuYDqczlUrZWy6BUfpkXScjKt6zl tqIMLXGNYv/jFeLAuQgGpntDkqScfdqmgUOza7JZ1zPvUYwtFtjIwFK4QWQbIGlu r6LyJJOLIAEAbkD1G+cAuS4EckD/gavau0v+XXQTu+cSrtc2LagM/iPmKbXslU2r BwFx/fqWvdwpSfdUuxLuE63VWKAMbouJiubotURB8Hk1yFH8E/vAwl425gqVc90Q o3HddBYv9cl3xziy4v1c06ZDTS0yu5p7eHhVrS05KPtdupoUkKJgyy6MSCoDByb8 ehXVM4YMZlcJCYyKf1DSYiVKeU7bRLJEkJ7pbNsxMabGaZ+0vZUq9DZpXjRCnhD5 E1nluMnN2d1FgTJvMqzJiAvfaiO7SBi6upNLVQIDAQABo4IDWjCCA1YwHwYDVR0j BBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFCpFP2kRwAuLpnSb to3Htkwr8Kw/MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEBAgED BDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwB AgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0 aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCB igYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28u Y29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVy Q0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTAjBgNV HREEHDAaggwqLnBvbGljaWUuY3qCCnBvbGljaWUuY3owggF7BgorBgEEAdZ5AgQC BIIBawSCAWcBZQB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAAB iR/U1igAAAQDAEYwRAIgJVuPNwUalUGrxdS2i0Z+on5tW+Uo9IWUbwjuJumASeQC IEdhLhy0//zRxYhCs/kL9yx7ux9TK0Dp8n7UArKDa69xAHUA2ra/az+1tiKfm8K7 XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGJH9TWiAAABAMARjBEAiBcyoPJINdMOjB6 cltR5McYVf2m6DF9PK8Bu/0mIj86uwIgCMhycvJ8Gp9hNmN2nRnU+qEi02tgwe8/ JpJom21mYo8AdQDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYkf 1NZSAAAEAwBGMEQCICD3Mmr4odaFcoAScTBNwH9pkKL7XAY5Jr5lidNK/75zAiBk 9BuHtgvGAfZVJS9hGQNhIGDnGt1hiP12ILEc+aG9GzANBgkqhkiG9w0BAQsFAAOC AQEACN63ef4XPL/LohbrjQIRobBT6I6lsszH7oXMzbPPbvyLYwHCMOxuZvzQ8Qc8 67t+vT3PK0idf67fXow8fbTvdqUf8x6FEEhwp3VSV1heVVhNqGkACTod254dJylY iRfmKaiXH5RPK+c41sBmIKEioxUdrzI83+jShyU1MvUlzZ+UO9yceR/Yo568jsPz sFwCYVAiES5x0l48wOJWeCN4e25BzVP9aqj8eLytZ3Y1O3Ax4Xnrko/0bzwsyprC uWEEwTg6aIoNCjy9SgJvyKmzvqI0czy/t+Arall5owYh6v8DXWQl4/nMMXjMBI21 qsGvOxDRoP1BVsvuRLp2qYmUkw== -----END CERTIFICATE-----} |
cert_commonName <hostCert#1> |
OK
{
*.policie.cz} |
cert_commonName_wo_SNI <hostCert#1> |
INFO
{
*.policie.cz} |
cert_subjectAltName <hostCert#1> |
INFO
{
*.policie.cz policie.cz} |
cert_trust <hostCert#1> |
OK
{
Ok via SAN wildcard and CN wildcard (same w/o SNI)} |
cert_chain_of_trust <hostCert#1> |
OK
{
passed.} |
cert_certificatePolicies_EV <hostCert#1> |
INFO
{
no} |
cert_expirationStatus <hostCert#1> |
OK
{
90 >= 60 days} |
cert_notBefore <hostCert#1> |
INFO
{
2023-07-04 00:00} |
cert_notAfter <hostCert#1> |
OK
{
2024-08-03 23:59} |
cert_extlifeSpan <hostCert#1> |
OK
{
certificate has no extended life time according to browser forum} |
cert_eTLS <hostCert#1> |
INFO
{
not present} |
cert_crlDistributionPoints <hostCert#1> |
INFO
{
http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl} |
cert_ocspURL <hostCert#1> |
INFO
{
http://ocsp.sectigo.com} |
OCSP_stapling <hostCert#1> |
LOW
{
not offered} |
cert_mustStapleExtension <hostCert#1> |
INFO
{
--} |
DNS_CAArecord <hostCert#1> |
LOW
{
--} |
certificate_transparency <hostCert#1> |
OK
{
yes (certificate extension)} |
certs_countServer <hostCert#1> |
INFO
{
3} |
certs_list_ordering_problem <hostCert#1> |
INFO
{
no} |
cert_caIssuers <hostCert#1> |
INFO
{
Sectigo RSA Organization Validation Secure Server CA (Sectigo Limited from GB)} |
intermediate_cert <#1> <hostCert#1> |
INFO
{
-----BEGIN CERTIFICATE----- MIIGGTCCBAGgAwIBAgIQE31TnKp8MamkM3AZaIR6jTANBgkqhkiG9w0BAQwFADCB iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNV BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE ChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIFJTQSBPcmdhbml6 YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAnJMCRkVKUkiS/FeN+S3qU76zLNXYqKXsW2kDwB0Q 9lkz3v4HSKjojHpnSvH1jcM3ZtAykffEnQRgxLVK4oOLp64m1F06XvjRFnG7ir1x on3IzqJgJLBSoDpFUd54k2xiYPHkVpy3O/c8Vdjf1XoxfDV/ElFw4Sy+BKzL+k/h fGVqwECn2XylY4QZ4ffK76q06Fha2ZnjJt+OErK43DOyNtoUHZZYQkBuCyKFHFEi rsTIBkVtkuZntxkj5Ng2a4XQf8dS48+wdQHgibSov4o2TqPgbOuEQc6lL0giE5dQ YkUeCaXMn2xXcEAG2yDoG9bzk4unMp63RBUJ16/9fAEc2wIDAQABo4IBbjCCAWow HwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFBfZ1iUn Z/kxwklD2TA2RIxsqU/rMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/ AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYG BFUdIAAwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAThNA lsnD5m5bwOO69Bfhrgkfyb/LDCUW8nNTs3Yat6tIBtbNAHwgRUNFbBZaGxNh10m6 pAKkrOjOzi3JKnSj3N6uq9BoNviRrzwB93fVC8+Xq+uH5xWo+jBaYXEgscBDxLmP bYox6xU2JPti1Qucj+lmveZhUZeTth2HvbC1bP6mESkGYTQxMD0gJ3NR0N6Fg9N3 OSBGltqnxloWJ4Wyz04PToxcvr44APhL+XJ71PJ616IphdAEutNCLFGIUi7RPSRn R+xVzBv0yjTqJsHe3cQhifa6ezIejpZehEU4z4CqN2mLYBd0FUiRnG3wTqN3yhsc SPr5z0noX0+FCuKPkBurcEya67emP7SsXaRfz+bYipaQ908mgWB2XQ8kd5GzKjGf FlqyXYwcKapInI5v03hAcNt37N3j0VcFcC3mSZiIBYRiBXBWdoY5TtMibx3+bfEO s2LEPMvAhblhHrrhFYBZlAyuBbuMf1a+HNJav5fyakywxnB2sJCNwQs2uRHY1ihc 6k/+JLcYCpsM0MF8XPtpvcyiTcaQvKZN8rG61ppnW5YCUtCC+cQKXA0o4D/I+pWV idWkvklsQLI+qGu41SWyxP7x09fn1txDAXYw+zuLXfdKiXyaNb78yvBXAfCNP6CH MntHWpdLgtJmwsQt6j8k9Kf5qLnjatkYYaA7jBU= -----END CERTIFICATE-----} |
intermediate_cert_fingerprintSHA256 <#1> <hostCert#1> |
INFO
{
72A34AC2B424AED3F6B0B04755B88CC027DCCC806FDDB22B4CD7C47773973EC0} |
intermediate_cert_notBefore <#1> <hostCert#1> |
INFO
{
2018-11-02 00:00} |
intermediate_cert_notAfter <#1> <hostCert#1> |
OK
{
2030-12-31 23:59} |
intermediate_cert_expiration <#1> <hostCert#1> |
OK
{
ok > 40 days} |
intermediate_cert_chain <#1> <hostCert#1> |
INFO
{
Sectigo RSA Organization Validation Secure Server CA <-- USERTrust RSA Certification Authority} |
intermediate_cert <#2> <hostCert#1> |
INFO
{
-----BEGIN CERTIFICATE----- MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B 3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT 79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs 8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG jjxDah2nGN59PRbxYvnKkKj9 -----END CERTIFICATE-----} |
intermediate_cert_fingerprintSHA256 <#2> <hostCert#1> |
INFO
{
E793C9B02FD8AA13E21C31228ACCB08119643B749C898964B1746D46C3D4CBD2} |
intermediate_cert_notBefore <#2> <hostCert#1> |
INFO
{
2010-02-01 00:00} |
intermediate_cert_notAfter <#2> <hostCert#1> |
OK
{
2038-01-18 23:59} |
intermediate_cert_expiration <#2> <hostCert#1> |
OK
{
ok > 40 days} |
intermediate_cert_chain <#2> <hostCert#1> |
INFO
{
USERTrust RSA Certification Authority <-- USERTrust RSA Certification Authority} |
intermediate_cert_badOCSP <hostCert#1> |
OK
{
intermediate certificate(s) is/are ok} |
cert_signatureAlgorithm <hostCert#2> |
OK
{
ECDSA with SHA256} |
cert_keySize <hostCert#2> |
OK
{
EC 384 bits (curve P-384)} |
cert_keyUsage <hostCert#2> |
INFO
{
Digital Signature} |
cert_extKeyUsage <hostCert#2> |
INFO
{
TLS Web Server Authentication, TLS Web Client Authentication} |
cert_serialNumber <hostCert#2> |
INFO
{
FB092DE7F2E9B9C57E4350A499257E1F} |
cert_serialNumberLen <hostCert#2> |
INFO
{
16} |
cert_fingerprintSHA1 <hostCert#2> |
INFO
{
2BB3DD70F3C83B3FE4AEFC534C87C202DD17E872} |
cert_fingerprintSHA256 <hostCert#2> |
INFO
{
7F7C8600E7F41DBBB47B098586263D1BA3B63886C0D9D31F41248F5271DFA7A3} |
cert <hostCert#2> |
INFO
{
-----BEGIN CERTIFICATE----- MIIFiDCCBS+gAwIBAgIRAPsJLefy6bnFfkNQpJklfh8wCgYIKoZIzj0EAwIwgZUx CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV BAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UEAxM0 U2VjdGlnbyBFQ0MgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZl ciBDQTAeFw0yMzA4MTQwMDAwMDBaFw0yNDA5MTMyMzU5NTlaMHUxCzAJBgNVBAYT AkNaMR4wHAYDVQQIDBVQcmFoYSwgSGxhdm7DrSBtxJtzdG8xLzAtBgNVBAoMJlBP TElDRUpOw40gUFJFWklESVVNIMSMRVNLw4kgUkVQVUJMSUtZMRUwEwYDVQQDDAwq LnBvbGljaWUuY3owdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATwmfPv+PghEc1fDzcP qGNDvpZJw4+T2TDUIcd8fF1wtQeA9WpJqzedQbo97buuEhYrO/U9f+iJIuXsE4AD OLqMpBlBsZ1EODbapEPoWduOoiKPp1RYXpUZAn/MRsUa0fajggNgMIIDXDAfBgNV HSMEGDAWgBRNSu/ERrMSrU9OmrFZ4lGrCBB4CDAdBgNVHQ4EFgQUcz+thUXy3krr /T8KMJS2VUtVw94wDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEoGA1UdIARDMEEwNQYMKwYBBAGyMQEC AQMEMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeB DAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLnNlY3RpZ28uY29tL1Nl Y3RpZ29FQ0NPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3Js MIGKBggrBgEFBQcBAQR+MHwwVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuc2VjdGln by5jb20vU2VjdGlnb0VDQ09yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2 ZXJDQS5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMCMG A1UdEQQcMBqCDCoucG9saWNpZS5jeoIKcG9saWNpZS5jejCCAYEGCisGAQQB1nkC BAIEggFxBIIBbQFrAHcAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQA AAGJ8yacDQAABAMASDBGAiEA9xVM0E3TxmII55lPo5JpIP2XQwjowEup/Sn274LM N8oCIQD069zLqqKddkV+5b6YoydEDBDk2W7GtYoVVDyvHrGZRAB3ANq2v2s/tbYi n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABifMmnE8AAAQDAEgwRgIhAJbX8Zmk jcvIhSTOmorAGDUU6blZ18FkbN6mLKq/QFAqAiEAwg+qer0zb9lgKRaDmebwI+91 gFcNzPCh4MGFPgI968oAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1 mwAAAYnzJpx3AAAEAwBIMEYCIQDhzjOkrmk3+AYsJ2LjfT922mfDmaO3I6x/lX1e K5LigQIhAILpb5Wlh+1diCgacWXeP7O90rOKMIg+CDop/ihcE1hfMAoGCCqGSM49 BAMCA0cAMEQCIAkgJ4qhE5V2JAh2LkrchXFDyuWqXebYTdxvrJlyJc2fAiBwRxuZ HFWEGl/EJDop/FjjhOnRmRD7d5fANKOD/THRvg== -----END CERTIFICATE-----} |
cert_commonName <hostCert#2> |
OK
{
*.policie.cz} |
cert_commonName_wo_SNI <hostCert#2> |
INFO
{
*.policie.cz} |
cert_subjectAltName <hostCert#2> |
INFO
{
*.policie.cz policie.cz} |
cert_trust <hostCert#2> |
OK
{
Ok via SAN wildcard and CN wildcard (same w/o SNI)} |
cert_chain_of_trust <hostCert#2> |
OK
{
passed.} |
cert_certificatePolicies_EV <hostCert#2> |
INFO
{
no} |
cert_expirationStatus <hostCert#2> |
OK
{
131 >= 60 days} |
cert_notBefore <hostCert#2> |
INFO
{
2023-08-14 00:00} |
cert_notAfter <hostCert#2> |
OK
{
2024-09-13 23:59} |
cert_extlifeSpan <hostCert#2> |
OK
{
certificate has no extended life time according to browser forum} |
cert_eTLS <hostCert#2> |
INFO
{
not present} |
cert_crlDistributionPoints <hostCert#2> |
INFO
{
http://crl.sectigo.com/SectigoECCOrganizationValidationSecureServerCA.crl} |
cert_ocspURL <hostCert#2> |
INFO
{
http://ocsp.sectigo.com} |
OCSP_stapling <hostCert#2> |
LOW
{
not offered} |
cert_mustStapleExtension <hostCert#2> |
INFO
{
--} |
DNS_CAArecord <hostCert#2> |
LOW
{
--} |
certificate_transparency <hostCert#2> |
OK
{
yes (certificate extension)} |
certs_countServer <hostCert#2> |
INFO
{
4} |
certs_list_ordering_problem <hostCert#2> |
INFO
{
no} |
cert_caIssuers <hostCert#2> |
INFO
{
Sectigo ECC Organization Validation Secure Server CA (Sectigo Limited from GB)} |
intermediate_cert <#1> <hostCert#2> |
INFO
{
-----BEGIN CERTIFICATE----- MIIDrjCCAzOgAwIBAgIQNb50Y4yz6d4oBXC3l4CzZzAKBggqhkjOPQQDAzCBiDEL MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMTAy MDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMP U2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIEVDQyBPcmdhbml6YXRp b24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMFkwEwYHKoZIzj0CAQYIKoZI zj0DAQcDQgAEnI5cCmFvoVij0NXO+vxE+f+6Bh57FhpyH0LTCrJmzfsPSXIhTSex r92HOlz+aHqoGE0vSe/CSwLFoWcZ8W1jOaOCAW4wggFqMB8GA1UdIwQYMBaAFDrh CYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBRNSu/ERrMSrU9OmrFZ4lGrCBB4 CDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAEC AjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF UlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEE ajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy dXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz ZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaQAwZgIxAOk//uo7i/MoeKdcyeqvjOXs BJFGLI+1i0d+Tty7zEnn2w4DNS21TK8wmY3Kjm3EmQIxAPI1qHM/I+OS+hx0OZhG fDoNifTe/GxgWZ1gOYQKzn6lwP0yGKlrP+7vrVC8IczJ4A== -----END CERTIFICATE-----} |
intermediate_cert_fingerprintSHA256 <#1> <hostCert#2> |
INFO
{
3457106752400212903A3545CA3B2EF384A456972BD951D8D840C1B0A379EFA1} |
intermediate_cert_notBefore <#1> <hostCert#2> |
INFO
{
2018-11-02 00:00} |
intermediate_cert_notAfter <#1> <hostCert#2> |
OK
{
2030-12-31 23:59} |
intermediate_cert_expiration <#1> <hostCert#2> |
OK
{
ok > 40 days} |
intermediate_cert_chain <#1> <hostCert#2> |
INFO
{
Sectigo ECC Organization Validation Secure Server CA <-- USERTrust ECC Certification Authority} |
intermediate_cert <#2> <hostCert#2> |
INFO
{
-----BEGIN CERTIFICATE----- MIID0zCCArugAwIBAgIQVmcdBOpPmUxvEIFHWdJ1lDANBgkqhkiG9w0BAQwFADB7 MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE5MDMxMjAwMDAwMFoXDTI4 MTIzMTIzNTk1OVowgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5 MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBO ZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0 aG9yaXR5MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGqxUWqn5aCPnetUkb1PGWthL q8bVttHmc3Gu3ZzWDGH926CJA7gFFOxXzu5dP+Ihs8731Ip54KODfi2X0GHE8Znc JZFjq38wo7Rw4sehM5zzvy5cU7Ffs30yf4o043l5o4HyMIHvMB8GA1UdIwQYMBaA FKARCiM+lvEH7OKvKe+CpX/QMKS0MB0GA1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1 xmNjmjAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zARBgNVHSAECjAI MAYGBFUdIAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5j b20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYIKwYBBQUHAQEEKDAmMCQG CCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEM BQADggEBABns652JLCALBIAdGN5CmXKZFjK9Dpx1WywV4ilAbe7/ctvbq5AfjJXy ij0IckKJUAfiORVsAYfZFhr1wHUrxeZWEQff2Ji8fJ8ZOd+LygBkc7xGEJuTI42+ FsMuCIKchjN0djsoTI0DQoWz4rIjQtUfenVqGtF8qmchxDM6OW1TyaLtYiKou+JV bJlsQ2uRl9EMC5MCHdK8aXdJ5htN978UeAOwproLtOGFfy/cQjutdAFI3tZs4RmY CV4Ks2dH/hzg1cEo70qLRDEmBDeNiXQ2Lu+lIg+DdEmSx/cQwgwp+7e9un/jX9Wf 8qn0dNW44bOwgeThpWOjzOoEeJBuv/c= -----END CERTIFICATE-----} |
intermediate_cert_fingerprintSHA256 <#2> <hostCert#2> |
INFO
{
A6CF64DBB4C8D5FD19CE48896068DB03B533A8D1336C6256A87D00CBB3DEF3EA} |
intermediate_cert_notBefore <#2> <hostCert#2> |
INFO
{
2019-03-12 00:00} |
intermediate_cert_notAfter <#2> <hostCert#2> |
OK
{
2028-12-31 23:59} |
intermediate_cert_expiration <#2> <hostCert#2> |
OK
{
ok > 40 days} |
intermediate_cert_chain <#2> <hostCert#2> |
INFO
{
USERTrust ECC Certification Authority <-- AAA Certificate Services} |
intermediate_cert <#3> <hostCert#2> |
INFO
{
-----BEGIN CERTIFICATE----- MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe 3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4 YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2 G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3 smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== -----END CERTIFICATE-----} |
intermediate_cert_fingerprintSHA256 <#3> <hostCert#2> |
INFO
{
D7A7A0FB5D7E2731D771E9484EBCDEF71D5F0C3E0A2948782BC83EE0EA699EF4} |
intermediate_cert_notBefore <#3> <hostCert#2> |
INFO
{
2004-01-01 00:00} |
intermediate_cert_notAfter <#3> <hostCert#2> |
OK
{
2028-12-31 23:59} |
intermediate_cert_expiration <#3> <hostCert#2> |
OK
{
ok > 40 days} |
intermediate_cert_chain <#3> <hostCert#2> |
INFO
{
AAA Certificate Services <-- AAA Certificate Services} |
intermediate_cert_badOCSP <hostCert#2> |
OK
{
intermediate certificate(s) is/are ok} |
HTTP_status_code |
INFO
{
200 OK ('/')} |
HTTP_clock_skew |
INFO
{
0 seconds from localtime} |
HTTP_headerTime |
INFO
{
1714940312} |
HSTS |
LOW
{
not offered} |
HPKP |
INFO
{
No support for HTTP Public Key Pinning} |
banner_server |
INFO
{
No Server banner line in header, interesting!} |
banner_application |
INFO
{
No application banner found} |
cookie_count |
INFO
{
0 at '/'} |
security_headers |
MEDIUM
{
--} |
banner_reverseproxy
zranitelnosti:
CWE-200
|
INFO
{
--} |
heartbleed
zranitelnosti:
CVE-2014-0160
CWE-119
|
OK
{
not vulnerable, no heartbeat extension} |
CCS
zranitelnosti:
CVE-2014-0224
CWE-310
|
OK
{
not vulnerable} |
ticketbleed
zranitelnosti:
CVE-2016-9244
CWE-200
|
OK
{
no session ticket extension} |
ROBOT |
OK
{
not vulnerable, no RSA key transport cipher} |
secure_renego
zranitelnosti:
CWE-310
|
OK
{
supported} |
secure_client_renego
zranitelnosti:
CVE-2011-1473
CWE-310
|
OK
{
not vulnerable} |
CRIME_TLS
zranitelnosti:
CVE-2012-4929
CWE-310
|
OK
{
not vulnerable} |
BREACH
zranitelnosti:
CVE-2013-3587
CWE-310
|
MEDIUM
{
potentially VULNERABLE, gzip deflate compress br HTTP compression detected - only supplied '/' tested} |
POODLE_SSL
zranitelnosti:
CVE-2014-3566
CWE-310
|
OK
{
not vulnerable, no SSLv3} |
fallback_SCSV |
OK
{
no protocol below TLS 1.2 offered} |
SWEET32 |
OK
{
not vulnerable} |
FREAK
zranitelnosti:
CVE-2015-0204
CWE-310
|
OK
{
not vulnerable} |
DROWN |
OK
{
not vulnerable on this host and port} |
DROWN_hint |
INFO
{
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=7EC46493CF523AF853BEE1752A73DBAD4249FE5C4257CADCE9FA4C9030701898} |
LOGJAM
zranitelnosti:
CVE-2015-4000
CWE-310
|
OK
{
not vulnerable, no DH EXPORT ciphers,} |
LOGJAM-common_primes
zranitelnosti:
CVE-2015-4000
CWE-310
|
OK
{
no DH key with <= TLS 1.2} |
BEAST
zranitelnosti:
CVE-2011-3389
CWE-20
|
OK
{
not vulnerable, no SSL3 or TLS1} |
LUCKY13
zranitelnosti:
CVE-2013-0169
CWE-310
|
OK
{
not vulnerable} |
winshock
zranitelnosti:
CVE-2014-6321
CWE-94
|
OK
{
not vulnerable} |
RC4 |
OK
{
not vulnerable} |
clientsimulation-android_442 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-android_500 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-android_60 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-android_70 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-android_81 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-android_90 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-android_X |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-chrome_74_win10 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-chrome_79_win10 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-firefox_66_win81 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-firefox_71_win10 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-ie_6_xp |
INFO
{
No connection} |
clientsimulation-ie_8_win7 |
INFO
{
No connection} |
clientsimulation-ie_8_xp |
INFO
{
No connection} |
clientsimulation-ie_11_win7 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-ie_11_win81 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-ie_11_winphone81 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-ie_11_win10 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-edge_15_win10 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-edge_17_win10 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-opera_66_win10 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-safari_9_ios9 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-safari_9_osx1011 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-safari_10_osx1012 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-safari_121_ios_122 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-safari_130_osx_10146 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-apple_ats_9_ios9 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-java_6u45 |
INFO
{
No connection} |
clientsimulation-java_7u25 |
INFO
{
No connection} |
clientsimulation-java_8u161 |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-java1102 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-java1201 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-openssl_102e |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-openssl_110l |
INFO
{
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256} |
clientsimulation-openssl_111d |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
clientsimulation-thunderbird_68_3_1 |
INFO
{
TLSv1.3 TLS_AES_256_GCM_SHA384} |
rating_spec |
INFO
{
SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)} |
rating_doc |
INFO
{
https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide} |
protocol_support_score |
INFO
{
100} |
protocol_support_score_weighted |
INFO
{
30} |
key_exchange_score |
INFO
{
100} |
key_exchange_score_weighted |
INFO
{
30} |
cipher_strength_score |
INFO
{
90} |
cipher_strength_score_weighted |
INFO
{
36} |
final_score |
INFO
{
96} |
overall_grade |
OK
{
A} |
grade_cap_reason_1 |
INFO
{
Grade capped to A. HSTS is not offered} |
scanTime |
INFO
{
96} |