Open
Cached
·
just now
81/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=California, O=Apple Inc., CN=applebooks.apple
Issuer
C=US, O=Apple Inc., CN=Apple Public Server RSA CA 1 - G1
Valid From
March 18, 2026
Valid Until
June 16, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4A:E8:32:F8:18:42:BF:DD:1C:C3:1C:5A:06:6B:1B:72:E4:44:6C:88:8E:44:EB:6A:74:5C:B2:9D:D3:32:BD:D7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
Forward Secrecy
Supported
(Modern clients use PFS)
Warnings
- • TLS 1.3 is not supported (recommended)
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Not Authorized
(Potential misconfiguration)
Authorized CAs
Wildcard CAs
Incident Reporting
mailto:[email protected]
CAA Issues
- • CRITICAL: Current certificate issuer 'C=US, O=Apple Inc., CN=Apple Public Server RSA CA 1 - G1' is NOT authorized by CAA records. Authorized CAs: pki.apple.com
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
Subject Alternative Names
49 domains
applebooks.apple
read.applebooks.apple
applecard.apple
post.applecard.apple
www.applecard.apple
applemusic.apple
listen.applemusic.apple
www.listen.applemusic.apple
applenews.apple
join.applenews.apple
www.join.applenews.apple
applenewsplus.apple
join.applenewsplus.apple
www.join.applenewsplus.apple
applepodcasts.apple
listen.applepodcasts.apple
www.listen.applepodcasts.apple
appletv.apple
watch.appletv.apple
appletvapp.apple
www.appletvapp.apple
watch.appletvplus.apple
arcade.apple
books.apple
business.apple
card.apple
cash.apple
classical.apple
creatorstudio.apple
events.apple
fitness.apple
giftcard.apple
guides.apple
link.apple
music.apple
musicforbusiness.apple
news.apple
newsroom.apple
www.newsroom.apple
nic.apple
www.nic.apple
one.apple
partnergateway.apple
uat.partnergateway.apple
pay.apple
podcasts.apple
retail.apple
systemstatus.apple
tv.apple
Other domains in certificate