Open
Cached
·
just now
84/100
SECURITY SCORE
Certificate Information
Subject
C=DE, ST=Bayern, O=Bayerische Akademie der Wissenschaften Leibniz-Rechenzentrum, CN=wwwv18.lrz.de
Issuer
C=GR, O=Hellenic Academic and Research Institutions CA, CN=GEANT TLS RSA 1
Valid From
October 20, 2025
Valid Until
October 20, 2026
258 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
00:DC:35:2A:0B:08:58:64:71:EE:0A:F5:A1:10:A9:3D:4B:AC:8C:41:26:91:57:1B:AE:06:61:04:A2:37:D7:50
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
same-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Not Authorized
(Potential misconfiguration)
Authorized CAs
CAA Issues
- • CRITICAL: Current certificate issuer 'C=GR, O=Hellenic Academic and Research Institutions CA, CN=GEANT TLS RSA 1' is NOT authorized by CAA records. Authorized CAs: sectigo.com, harica.gr, pki.dfn.de, telesec.de
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 4 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
- • Consider adding 'issuewild' records to control wildcard certificate issuance
Subject Alternative Names
71 domains
lrz.de
bigdata.lrz.de
elearning.lrz.de
eurompi21.lrz.de
examuc-procurement.lrz.de
examuc-proposal.lrz.de
hpc-workshop.lrz.de
intern.lrz.de
isc.lrz.de
nextgenhpc.lrz.de
phpmyadmin.lrz.de
qic.lrz.de
quantum.lrz.de
sc.lrz.de
sc20.lrz.de
softwarebezug.lrz.de
v2c.lrz.de
www.lrz.de
wwwv18.lrz.de
zki2025-herbsttagung.lrz.de
abwesend.intern.lrz.de
cave-event.v2c.lrz.de
ee-workshop.for.lrz.de
moodle-intern.srv.lrz.de
moodle-intern2.srv.lrz.de
moodle-intern3.srv.lrz.de
openlabday24.v2c.lrz.de
phpmyadmin.intern.lrz.de
secincmgmt.sec.lrz.de
site-logs.download.lrz.de
testmoodle.video.lrz.de
www.bigdata.lrz.de
www.eurompi21.lrz.de
www.hpc-workshop.lrz.de
www.isc.lrz.de
www.nextgenhpc.lrz.de
www.qic.lrz.de
www.quantum.lrz.de
www.sc.lrz.de
www.sc20.lrz.de
www.v2c.lrz.de
www.cave-event.v2c.lrz.de
bavarianqc.de
bavarianquantum.de
bqcx.de
envcomp.eu
enviroinfo2023.eu
www.enviroinfo2023.eu
hpcqc.org
www.hpcqc.org
www.leibniz-supercomputing-centre.de
www.leibniz-supercomputing-centre.eu
lrz60.de
www.lrz60.de
abwesend.lrz.de.devweb.mwn.de
chronik.webdb.devweb.mwn.de
di82ler-d.devweb.mwn.de
envicon.webdb.devweb.mwn.de
fionaproxy.intern.lrz.de.devweb.mwn.de
secincmgmt.sec.lrz.de.devweb.mwn.de
softwarebezug.lrz.de.devweb.mwn.de
swbezugtest.lrz.de.devweb.mwn.de
t3-staging.devweb.mwn.de
webdb-dev.devweb.mwn.de
webdb-wwwv18lrzde.devweb.mwn.de
websiteantrag.lrz.de.devweb.mwn.de
www.old.lrz.de.devweb.mwn.de
supercomputingcenters.org
www.supercomputingcenters.org
supercomputingcentres.org
www.supercomputingcentres.org
Other domains in certificate