Open
Cached
·
just now
86/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=California, L=Redwood City, O=Oracle Corporation, CN=www-legacy-2.oracle.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
March 17, 2025
Valid Until
March 06, 2026
121 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
B0:57:13:0B:C7:F6:BF:8B:CA:07:8A:27:C9:3F:03:55:D2:7F:D3:27:A1:43:99:DF:E7:94:44:8B:05:D5:60:CD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Weak
frame-ancestors
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Significantly strengthen CSP directives
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
96 domains
primavera.com
www.primavera.com
ai4data.com
www.ai4data.com
appforge.com
dev2dev.bea.com
code.cerner.com
www.cerner.de
www.cerner.es
www.cerner.nl
www.cerner.no
www.cerner.se
cerner.uk
www.cerner.uk
cernerenviza.com
go.cernerenviza.com
www.cernerenviza.com
cimmetry.com
clearapp.com
crmondemand.com.au
crmondemand.de
crmondemand.se
dyn.com
www.dyn.com
essbase.com
flexionsoft.com
flexiontech.com
g-log.com
glog.com
glog.net
glogtech.com
goldengate.com
gridhaslanded.com
gridhaslanded.info
gridhaslanded.net
gridhaslanded.org
gridhaslanded.us
hyperion.com
iflexconsulting.com
iflexsolutions.com
interlacesystems.com
lodestarcorp.net
microsoftsiebel.com
moniforce.com
mvalent.com
netsure.com
o2systems.com.br
www.o2systems.com.br
ondemandgk.com
map.internetintel.oracle.com
www-legacy-2.oracle.com
oracle.eu
oracle.lk
www.oracle.lk
oracle.se
oracle.si
oracle10g.com
oracle11i.biz
oraclemagazine.com
oraclemicros.com
www.oraclemicros.com
oramag.com
outsideinsdk.com
oxygensystems.com.br
www.oxygensystems.com.br
phaos.com
portal.com
portal.net
portal.us
www.portal.us
portalsoftware.com
www.portalsoftware.com
reveleus.com
services.com
siebel.com
siebel.dk
siebel.no
siebel8.com
siebelactivities.com
siebelcalendar.com
siebelcrmondemand.com
siebelhp.com
siebelpress.com
siebelschedule.com
sigmadynamics.com
stellent.de
stellent.nl
sunopsis.com
tangosol.com
thegridhaslanded.com
thortech.com
thortech.net
timesten.com
triplehop.com
virtualiron.com
weblogic.com
Other domains in certificate