Open
Cached
·
just now
73/100
SECURITY SCORE
Certificate Information
Subject
CN=*.crystallographycore.wisc.edu
Issuer
C=US, O=Amazon, CN=Amazon RSA 2048 M04
Valid From
October 08, 2025
Valid Until
November 06, 2026
357 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FC:38:99:8A:0B:EC:F0:63:A1:04:12:49:68:62:04:3F:80:67:79:54:DA:06:72:EF:32:2E:1D:09:1C:B9:D8:88
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- • TLS 1.3 is not supported (recommended)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
iea.wisc.edu
wiscience.wisc.edu
*.crystallographycore.wisc.edu
*.csd.wisc.edu
*.csld.wisc.edu
*.cspks.wisc.edu
*.culturesinconflict.wisc.edu
*.cvc.wisc.edu
*.cvrc.wisc.edu
*.cyclotron.wisc.edu
*.cytotechprogram.wisc.edu
*.daadcenter.wisc.edu
*.datawonks.wisc.edu
*.dermatology.wisc.edu
*.eap.wisc.edu
*.earthpartnership.wisc.edu
*.ecology.wisc.edu
*.econ.wisc.edu
*.ecs.wisc.edu
*.ehs.wisc.edu
*.elections.wisc.edu
*.email.wisc.edu
*.english.wisc.edu
*.entomology.wisc.edu
*.erp.wisc.edu
*.esl.wisc.edu
*.eyephoto.wisc.edu
*.financialaid.wisc.edu
*.firstwave.wisc.edu
*.flame.wisc.edu
*.foodsci.wisc.edu
*.geewisc.wisc.edu
*.geneticsinwisconsin.wisc.edu
*.geography.wisc.edu
*.ghi.wisc.edu
*.global.wisc.edu
*.gmwp.wisc.edu
*.grad.wisc.edu
*.greatlakesfibernetwork.wisc.edu
*.gws.wisc.edu
*.healthpolicy.wisc.edu
*.herbarium.wisc.edu
*.hipaa.wisc.edu
*.hlcaccreditation.wisc.edu
*.hmap.wisc.edu
*.hmongstudies.wisc.edu
*.horticulture.wisc.edu
*.hps.wisc.edu
*.iarp.wisc.edu
*.ibio.wisc.edu
*.iea.wisc.edu
*.ifli.wisc.edu
*.ils.wisc.edu
*.imaging.wisc.edu
*.integrativebiology.wisc.edu
*.international.wisc.edu
*.wiscience.wisc.edu
craiglab.biochem.wisc.edu
gaglialab.mmi.wisc.edu
gallery.education.wisc.edu
halllab.cals.wisc.edu
metar.nursing.wisc.edu
wiscprof.engr.wisc.edu
*.aces.ecology.wisc.edu
*.cap.education.wisc.edu
*.composition.english.wisc.edu
*.consortium.gws.wisc.edu
*.craiglab.biochem.wisc.edu
*.crgw.gws.wisc.edu
*.csac.history.wisc.edu
*.equilibrium.econ.wisc.edu
*.fermentations.foodsci.wisc.edu
*.gafis.frit.wisc.edu
*.gaglialab.mmi.wisc.edu
*.gallery.education.wisc.edu
*.goldberg.history.wisc.edu
*.halllab.cals.wisc.edu
*.hollingsworth.history.wisc.edu
*.info.em.wisc.edu
*.intranet.genetics.wisc.edu
*.introbio.integrativebiology.wisc.edu
*.ithim.ghi.wisc.edu
*.kinesintranet.education.wisc.edu
*.lab.csd.wisc.edu
*.metar.nursing.wisc.edu
*.naughton.geography.wisc.edu
*.new.grad.wisc.edu
*.safaa.gws.wisc.edu
*.sharp.genetics.wisc.edu
*.staff.em.wisc.edu
*.trl.education.wisc.edu
*.unesco.gws.wisc.edu
*.uwzm.ibio.wisc.edu
*.uwzm.integrativebiology.wisc.edu
*.valdivialabs.cvrc.wisc.edu
*.webforms.imaging.wisc.edu
*.wisconsinbumblebees.entomology.wisc.edu
*.wiscprof.engr.wisc.edu
*.zhonglab.genetics.wisc.edu
*.symposium.gafis.frit.wisc.edu