SSL Certificate Analysis for explore.amd.com.edgekey.net - Security Grade & TLS Configuration

SSL Verification Bypassed

The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.

Reason:

Hostname Mismatch - certificate is issued for amd.com, www.radeon.com, www.gpuopen.com, www.amd.com, verification.amd.com, support.amd.com, support-sit.amd.com, shop.amd.com, shop-us-en.amd.com, not for explore.amd.com.edgekey.net

Open Cached · just now

75/100 SECURITY SCORE

Certificate Information

Subject

C=US, ST=CALIFORNIA, L=Santa Clara, O=Advanced Micro Devices, Inc., CN=amd.com

Issuer

C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust TLS RSA CA G1

Valid From

November 26, 2025

Valid Until

November 25, 2026 328 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FF:56:EF:1B:55:29:5A:0B:5A:73:89:30:B2:F2:62:DF:6D:A0:93:C6:99:D6:D9:63:7A:5A:BA:A6:E0:07:D7:CD

Alternative Names

28 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

28 domains

account.amd.com amd.com connect-sit.amd.com connect.amd.com download.amd.com drivers.amd.com explore.amd.com mars.amd.com products.amd.com search.amd.com shop-ca-en.amd.com shop-eu-de.amd.com shop-eu-en.amd.com shop-eu-fr.amd.com shop-us-en.amd.com shop.amd.com support-sit.amd.com support.amd.com verification.amd.com www.amd.com

gpuopen.com www.gpuopen.com

creators.radeon.com gaming.radeon.com instinct.radeon.com pro.radeon.com radeon.com www.radeon.com