SSL Certificate Analysis for broadcom.com - Security Grade & TLS Configuration

Open Cached · 6m ago

86/100 SECURITY SCORE

Certificate Information

Subject

C=US, ST=California, L=Palo Alto, O=Broadcom Inc., CN=www.broadcom.com

Issuer

C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1

Valid From

October 02, 2025

Valid Until

April 03, 2026 151 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

47:F3:65:B9:A5:1A:0C:BE:FC:5A:45:FF:6E:0F:0A:97:9C:3C:7B:85:F3:AA:1E:F1:C5:E2:62:B6:FD:EB:62:A0

Alternative Names

205 domains

Security Configuration

TLS Protocols

TLS 1.2

Forward Secrecy

Limited (Check cipher configuration)

Warnings

• TLS 1.3 is not supported (recommended)

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Basic

frame-ancestors; script-src; object-src

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

205 domains

broadcom.com *.broadcom.com globalbroadcom.com gobroadcom.com hdbroadcom.com i-broadcom.com ibroadcom.com mybroadcom.com poweredbybroadcom.com *.globalbroadcom.com *.gobroadcom.com *.hdbroadcom.com *.i-broadcom.com *.ibroadcom.com *.mybroadcom.com *.poweredbybroadcom.com configmax.broadcom.com error.broadcom.com go.broadcom.com interopmatrix.broadcom.com jp.broadcom.com ports.broadcom.com static.broadcom.com symantec-blogs.broadcom.com vvs-staging.broadcom.com vvs.broadcom.com webapp.broadcom.com www.broadcom.com *.aws.broadcom.com *.mainframe.broadcom.com www.arcot.broadcom.com www.mainframe.broadcom.com www.software.broadcom.com

Other domains in certificate

54g.org *.54g.org

5gwifi.org *.5gwifi.org

80211n.com *.80211n.com

ap4zlabs.com *.ap4zlabs.com

appneta.com *.appneta.com docs.appneta.com www.appneta.com

arcot.com www.arcot.com

automic.com *.automic.com www.automic.com

avagoresponsecenter.com www.avagoresponsecenter.com

avagotech.cn www.avagotech.cn

avagotech.co.jp www.avagotech.co.jp

avagotech.com www.avagotech.com

baydynamics.com *.baydynamics.com

blue-coat.com *.blue-coat.com

bluecoat.com *.bluecoat.com

bluecoat.net *.bluecoat.net

bluecoatusergroup.info *.bluecoatusergroup.info

botong-chip.com *.botong-chip.com

botong-ic.com *.botong-ic.com

botongchip.com *.botongchip.com

broadcom-ic.com *.broadcom-ic.com

broadcom.asia *.broadcom.asia

broadcom.cn cmsgolive.broadcom.cn www.broadcom.cn

broadcom.co.uk *.broadcom.co.uk

broadcom.com.br *.broadcom.com.br

broadcom.eu *.broadcom.eu

broadcom.hk *.broadcom.hk

broadcom.in *.broadcom.in

broadcom.info *.broadcom.info

broadcom.mx *.broadcom.mx

broadcom.sg *.broadcom.sg

broadcom.tv *.broadcom.tv

broadcom.tw *.broadcom.tw

broadcom.xn--fiqs8s *.broadcom.xn--fiqs8s

broadcomkorea.net *.broadcomkorea.net

broadcomm-usa.net *.broadcomm-usa.net

broadcomm.net *.broadcomm.net

broadcomnet.net *.broadcomnet.net

broadcomsolutions.com *.broadcomsolutions.com

broadcomtechs.net *.broadcomtechs.net

broadcomtv.net *.broadcomtv.net

brocade.com *.brocade.com

ca.com *.ca.com

broadcom.com.hk *.broadcom.com.hk

broadcom.com.tw *.broadcom.com.tw connectingeverything.com.tw *.connectingeverything.com.tw teknovus.com.tw *.teknovus.com.tw

connectingeverything.com *.connectingeverything.com

connectingeverything.de *.connectingeverything.de

connectingeverything.eu *.connectingeverything.eu

connectingeverything.tv *.connectingeverything.tv

connectingeverything.tw *.connectingeverything.tw

data-leakage-protection.com *.data-leakage-protection.com

dataleakageprotection.com *.dataleakageprotection.com

ethicalmainframehacking.com *.ethicalmainframehacking.com

evilmainframe.com *.evilmainframe.com

firepath.eu *.firepath.eu

foit-foxconn.com *.foit-foxconn.com

globalbroadcom.net *.globalbroadcom.net

hostbridge.com *.hostbridge.com

luminate.io *.luminate.io

messagelabs.com *.messagelabs.com

mybroadcom.net *.mybroadcom.net

relarc.com *.relarc.com

rfid-ic.eu *.rfid-ic.eu

security.com *.security.com

solaranetworks.net *.solaranetworks.net

solera-networks.com *.solera-networks.com

symantec-smb-solutions.com.au *.symantec-smb-solutions.com.au

symantec.careers *.symantec.careers

symantec.com *.symantec.com

symantec.holdings *.symantec.holdings

symantec.ninja *.symantec.ninja

symantec.nr *.symantec.nr

symantec.pro *.symantec.pro

symantec.tech *.symantec.tech

symantec.vip *.symantec.vip

symantecsecuresite.com *.symantecsecuresite.com

symantecsecuresite.net *.symantecsecuresite.net

symantecssl.asia *.symantecssl.asia

symantecssl.fr *.symantecssl.fr

symantecverisign.com *.symantecverisign.com

teknovus.com *.teknovus.com

terabit-bidi-msa.com www.terabit-bidi-msa.com

vmware.com *.vmware.com