SSL Certificate Analysis for lynda.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 29

Adobe Target

Microsoft Entra ID

YouTube

Adobe Audience Manager

AppNexus (Xandr) Microsoft Advertising

Citrix

DigiCert Flourish

GitHub

Google AdSense

Google Conversion Tracking

Google DoubleClick

Google reCAPTCHA

Google Search

Google Static File Front End

Google Sign-In

Google Tag Manager

LinkedIn Megaphone Microsoft Clarity Omny Studio Microsoft Power BI

SlideShare

Tealium

Vidyard

Vimeo

Google Cloud

Microsoft Azure

Certificate Information

Subject

C=US, ST=California, L=Sunnyvale, O=LinkedIn Corporation, CN=lynda.com

Issuer

C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA

Valid From

January 22, 2026

Valid Until

July 22, 2026 150 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A1:26:0B:A3:33:30:DB:05:85:7A:ED:7B:22:63:86:9B:E5:54:CD:E9:3D:E9:7F:89:48:73:DE:9A:61:BB:64:F6

Alternative Names

21 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Good

default-src; connect-src; script-src; +9 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

sameorigin

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Configured (Restricts certificate issuance)

Current Issuer

Not Authorized (Potential misconfiguration)

CAA Issues

• CRITICAL: Current certificate issuer 'C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA' is NOT authorized by CAA records. Authorized CAs:

Recommendations

• Consider using critical flag (flags=128) for stricter CAA enforcement
• Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts

Subject Alternative Names

21 domains

lynda.com admin-ldc.lynda.com admin.lynda.com api-1.lynda.com api-ldc.lynda.com authors-ldc.lynda.com authors-li.lynda.com authors.lynda.com contentadmin.lynda.com iplogin.lynda.com m-ldc.lynda.com m.lynda.com origin-qatest.lynda.com origin-www.lynda.com saml-ldc.lynda.com saml.lynda.com shib-ldc.lynda.com shib.lynda.com www-ldc.lynda.com www.lynda.com

Other domains in certificate

authors-ldc.lyndadev.com