SSL Certificate Analysis for nextcloud.proleit.com - Security Grade & TLS Configuration

Open Cached · just now

79/100 SECURITY SCORE

Certificate Information

Subject

C=FR, ST=Île-de-France, L=Rueil-Malmaison, O=Schneider Electric Industries SAS, CN=schneider-electric.com

Issuer

C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1

Valid From

January 19, 2026

Valid Until

October 06, 2026 248 days

Public Key

ECDSA 256 bit (P-256) Adequate

Signature Algorithm

ECDSA-SHA384

SHA-256 Fingerprint

CB:AF:F0:85:8F:27:F0:7C:16:C1:F2:99:F9:8D:25:7D:C2:E5:89:78:5E:17:C1:31:CC:3C:C0:B1:1A:81:E4:8C

Alternative Names

99 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

99 domains

academy.proleit.com nextcloud.proleit.com www.proleit.com

Other domains in certificate

boston.dev.ita.ecostruxureit.xyz

dce.ecostruxurelab.com dce01.ecostruxurelab.com dce02.ecostruxurelab.com dce03.ecostruxurelab.com ita.ecostruxurelab.com ita01.ecostruxurelab.com ita02.ecostruxurelab.com ita03.ecostruxurelab.com nb3.ecostruxurelab.com

www.esyscfg.com

document-ms.services.inno2fleet.com portal.inno2fleet.com profile.inno2fleet.com profile.services.inno2fleet.com

esps.powerlogic.com

aet.schneider-electric.com app.schneider-electric.com igss.schneider-electric.com mft.schneider-electric.com mftqa.schneider-electric.com ping-sso-uat.schneider-electric.com ping-sso.schneider-electric.com schneider-electric.com series-rating.us.schneider-electric.com

qclienti.schneider-electric.it qvenditori.schneider-electric.it

api.ecostruxure-vision-qc.se.app demo.se.app ecostruxure-building-advisor.se.app ecostruxure-vision-qc.se.app ecostruxure-workplace-advisor.se.app ecostruxure-xr-operator-advisor.se.app integration.ecostruxure-microgrid-advisor-v3.se.app integration.ecostruxure-microgrid-advisor-v4.se.app prepentest.aac.ecostruxure-iiot.se.app

admin.tendergy.se.com alumni-in.se.com api-explorer.se.com auth.tendergy.se.com billing.tendergy.se.com caasprev.se.com careers.se.com community.se.com craft.tendergy.se.com dev-pasupport.se.com document.inno2fleet.se.com drp.globalams-api.se.com ecoxpert-file-service.se.com ecoxpert.se.com ect.se.com email.tendergy.se.com esocius-apac.se.com exst-ui-int.se.com exst-ui-ppr.se.com exst-ui-sit.se.com fleetbook.inno2fleet.se.com greenplant.se.com homaya.se.com industryservices-preview.se.com industryservices.se.com inno2fleet.se.com iter.se.com jira.se.com jiraprojects.se.com myorca.se.com nexus-assets-ppr.dev.se.com pasupport-content.se.com pasupport-graphql.se.com pb.se.com portailmobile-fr.se.com portal.inno2fleet.se.com preprod-pasupport.se.com preview.visionqc-colgate-api.se.com preview.visionqc-colgate.se.com prod.globalams-api.se.com profilemanager.inno2fleet.se.com recalls.se.com spdm-auth.se.com spdm-staging-auth.se.com spdm-staging-vault-france.se.com spdm-vault-france.se.com staging-pasupport-graphql.se.com staging-pasupport-videos.se.com staging-pasupport.se.com tax-platform.se.com tipi.se.com tools.ecoxpert.se.com toolsuat.ecoxpert.se.com websocket.myschneider.se.com

admin.services.tendergy.com auth.services.tendergy.com craft.services.tendergy.com email.services.tendergy.com i2g-billing-be.services.tendergy.com i2g-fleetapp-be.services.tendergy.com