Open
Cached
·
just now
81/100
SECURITY SCORE
Certificate Information
Subject
C=CH, ST=Genève, O=CERN Organisation Européenne pour la Recherche Nucléaire, CN=www.cern.ch
Issuer
C=GB, O=Sectigo Limited, CN=Sectigo Public Server Authentication CA OV R36
Valid From
November 05, 2025
Valid Until
November 24, 2026
368 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
17:0D:6B:78:94:64:BC:C4:3F:F6:0F:D0:0C:82:5B:26:15:2E:11:60:97:69:F2:77:9C:B1:6B:33:9E:CF:5C:90
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
105 domains
cern.ch
aliceinfo.cern.ch
bulletinserv.cern.ch
dashb-cms-vo-feed.cern.ch
groups.cern.ch
info.cern.ch
monit.cern.ch
pensionfund.cern.ch
quantum.cern.ch
root.cern.ch
search.cern.ch
www.cern.ch
*.app.cern.ch
*.apptest.cern.ch
*.docs.cern.ch
*.web.cern.ch
*.webtest.cern.ch
about.cern
accelerating-news.eu
acceleratingnews.eu
accelerators.cern
againstcovid19.cern
alice.cern
ams02.space
www.ams02.space
antimatter.cern
arts.cern
www.arts.cern
at.cern
atlas.cern
www.atlas.cern
awake.cern
beamlineforschools.cern
beams.cern
belgium.cern
careers.cern
cern.int
www.cern.int
cern70.cern
cernandsocietyfoundation.cern
chis.cern
cixp.net
www.cixp.net
clear.cern
clic.cern
cms.cern
computing.cern
cosmicrays.cern
darkmatter.cern
education.cern
engineering.cern
environment.cern
europeanstrategy.cern
experiments.cern
flair.cern
fluka.cern
giving.cern
higgsboson.cern
home.cern
www.home.cern
hse.cern
ideasquare.cern
ifast-project.eu
internationalrelations.cern
ippog.org
isolde.cern
jobs.cern
knowledge.cern
kt.cern
learn.cern
lhc.cern
library.cern
medicis.cern
news.cern
newsroom.cern
nic.cern
norway.cern
open-quantum-institute.cern
opendays.cern
openlab.cern
openscience.cern
opensource.cern
oqi.cern
particles.cern
physics.cern
press.cern
quantum.cern
root.cern
science.cern
sciencegateway.cern
scienceinschool.org
scientific-info.cern
sparks.cern
staff-association.cern
standardmodel.cern
supersymmetry.cern
teachers.cern
technology.cern
theory.cern
united-states.cern
ventureconnect.cern
visit.cern
voisins.cern
webfest.cern
www.cern
Other domains in certificate