Open
Cached
·
just now
72/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=California, L=test, O=testexample, OU=testexample, CN=testexp
Issuer
C=US, ST=California, L=test, O=testexample, OU=testexample, CN=testexp
Valid From
June 02, 2020
Valid Until
May 31, 2030
1586 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DB:57:92:EF:AC:6D:57:70:C2:E0:FA:B4:92:03:33:BE:DA:92:2E:4B:B9:8E:58:9E:3E:8F:07:68:3C:5E:89:73
Security Configuration
TLS Protocols
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- • TLS 1.3 is not supported (recommended)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports