Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
C=CH, ST=Zürich, L=Zürich, O=ABB Asea Brown Boveri Ltd, CN=waf-abb-cert15.abb.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
December 14, 2025
Valid Until
December 15, 2026
332 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
40:18:B4:08:14:04:5D:05:36:10:C2:FD:45:51:13:C1:18:59:C8:BC:C7:54:D7:44:3B:3B:19:BB:C8:53:A1:A2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000; includeSubdomains;
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
b2bmessage-test.abb.com
buildingproductdesign.abb.com
e-invoicing-stage-ascc.abb.com
e-invoicing-test-ascc.abb.com
enclosures.abb.com
iecmotors-autoqrcode.abb.com
pa-windchill-plm.abb.com
specifier.abb.com
waf-abb-cert15.abb.com
api.easyproweb.abb.com
api.imaster.abb.com
dev.cloudintegration.abb.com
dev.sp-api.abb.com
dev.specifier.abb.com
eai.stage.abb.com
econfigure.de.abb.com
engineeringprocess.drives.abb.com
global.electrification-commercialbuildingplanner.abb.com
go.insideplus.abb.com
goselect.motion.abb.com
imschatbot.automation.abb.com
insideplus.abby.abb.com
installedbase.drives.abb.com
masterdata.cloudintegration.abb.com
preprod.smissline-designer.abb.com
qa.cloudintegration.abb.com
return-striebel.de.abb.com
stage.iecmotors-autoqrcode.abb.com
stage.jets.abb.com
stage.sp-api.abb.com
stage.specifier.abb.com
swac.robotics.abb.com
test.cloudintegration.abb.com
wmstracking.us.abb.com
api.chaman.drives.abb.com
api.eapprove.us.abb.com
api.engineeringprocess.drives.abb.com
api.filetransform.electrificationtools.abb.com
api.global.electrification-commercialbuildingplanner.abb.com
api.news.e.abb.com
api.wmstracking.us.abb.com
cloud.connect.robotics.abb.com
dashboard.installedbase.drives.abb.com
dev.api.imaster.abb.com
dev.eleai.cloudintegration.abb.com
dev.engineeringprocess.drives.abb.com
edit.news.e.abb.com
gelfhttp.logging.electrificationtools.abb.com
go.insideplus.stage.abb.com
idg.stage.ch.abb.com
pilotnz.smartmaster.measurementservice.abb.com
preprod.api.smissline-designer.abb.com
qa.goselect.motion.abb.com
stage.api.imaster.abb.com
stage.as2.cloudintegration.abb.com
stage.driveinsight.motion.abb.com
stage.eleai.cloudintegration.abb.com
stage.engineeringprocess.drives.abb.com
stage.goselect.motion.abb.com
stage.installedbase.drives.abb.com
stage.ra-workitem.cloudintegration.abb.com
test.devicemanagement.motion.abb.com
test.training-certificates.robotics.abb.com
admin.cloud.connect.robotics.abb.com
api.cloud.connect.robotics.abb.com
api.dev.chaman.drives.abb.com
api.dev.engineeringprocess.drives.abb.com
api.news.stage.e.abb.com
api.pilotnz.smartmaster.measurementservice.abb.com
api.stage.engineeringprocess.drives.abb.com
auth.cloud.connect.robotics.abb.com
data.cloud.connect.robotics.abb.com
dev.developer.devicemanagement.motion.abb.com
dev.products.mo.cloudintegration.abb.com
edit.news.stage.e.abb.com
sit.products.mo.cloudintegration.abb.com
stage.admin.customizing.mybuildings.abb.com
stage.dashboard.installedbase.drives.abb.com
stage.developer.devicemanagement.motion.abb.com
stage.new2.welcome-configurator.mybuildings.abb.com
stage.products.mo.cloudintegration.abb.com
status.cloud.connect.robotics.abb.com
test.api.devicemanagement.motion.abb.com
test.service.one.robotics.abb.com
uam.pilotnz.smartmaster.measurementservice.abb.com
api.drivesize.abb-drives.com
stage.api.electrification.ability.abb
stage.sitemanager.ability.abb
acopos-6d-launchpad-dev.br-automation.com
fiori-test.br-automation.com
fiori.br-automation.com
kc-test.br-automation.com
kc.br-automation.com
community.busch-jaeger.de
return.busch-jaeger.de
s-aot-dev.cms.abb
s-aot-play.cms.abb
s-aot-qa.cms.abb
qa.relays.protection-control.abb
relays.protection-control.abb
Other domains in certificate