Open
Cached
·
just now
75/100
SECURITY SCORE
Certificate Information
Subject
C=CH, ST=Zürich, L=Zürich, O=ABB Asea Brown Boveri Ltd, CN=waf-abb-cert03.abb.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
December 08, 2025
Valid Until
October 20, 2026
274 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
60:8F:33:BC:11:E4:11:B6:E3:D6:B5:15:D8:B7:CA:BD:F1:01:95:D7:6D:D5:78:45:D8:50:9C:D3:51:DF:81:BD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
65 domains
api.abbnow.com
locator.abbnow.com
test.abbnow.com
admin.test.abbnow.com
account.buildingplus.abb.com
api.buildingplus.abb.com
apiakamaitest1.abb.com
apiakamaitest2.abb.com
arcticupdate.abb.com
asccenhancement.motion.abb.com
buildingplus.abb.com
cse.robotics.abb.com
dev.api.smart-home-configurator.mybuildings.abb.com
dev.api.technicalreporting.motion.abb.com
dev.asccenhancement.motion.abb.com
dev.cloud.connect.robotics.abb.com
dev.level-selector.abb.com
dev.smart-home-configurator.mybuildings.abb.com
dev.spine.abb.com
dev.technicalreporting.motion.abb.com
edmz.eai.abb.com
level-selector.abb.com
level-selector.de.abb.com
level-selector.us.abb.com
license-service.drives.abb.com
login.account.buildingplus.abb.com
openapi.buildingplus.abb.com
powergrids.spine.abb.com
provisioning.cloud.connect.robotics.abb.com
provisioning.cloud.dev.connect.robotics.abb.com
provisioning.cloud.stg.connect.robotics.abb.com
requirements.robotics.abb.com
services.aturb.abb.com
simplyadmin.abb.com
stage.account.buildingplus.abb.com
stage.api.buildingplus.abb.com
stage.api.smart-home-configurator.mybuildings.abb.com
stage.api.technicalreporting.motion.abb.com
stage.buildingplus.abb.com
stage.cse.robotics.abb.com
stage.dms.api.technicalreporting.motion.abb.com
stage.level-selector.abb.com
stage.login.account.buildingplus.abb.com
stage.openapi.buildingplus.abb.com
stage.powergrids.spine.abb.com
stage.services.aturb.abb.com
stage.static.buildingplus.abb.com
stage.supplier-non-conformity-resolution-process.abb.com
static.buildingplus.abb.com
supplier-non-conformity-resolution-process.abb.com
test.powergrids.spine.abb.com
test.starteck.abb.com
updates.cloud.connect.robotics.abb.com
updates.cloud.dev.connect.robotics.abb.com
updates.cloud.stg.connect.robotics.abb.com
waf-abb-cert03.abb.com
www126.abb.com
api-gd04.develop-04.platform-dev.ability.abb
api.marketplace.ability.abb
stage.api.marketplace.ability.abb
api-glb01.dev.abilityplatform.abb
gpr01.abilityplatform.abb
api.smart-home-configurator.my-staging.busch-jaeger.de
dev.smart-home-configurator.my.busch-jaeger.de
dev.relays.protection-control.abb
Other domains in certificate