SSL Certificate Analysis for profile.inno2fleet.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

C=FR, ST=Île-de-France, L=Rueil-Malmaison, O=Schneider Electric Industries SAS, CN=schneider-electric.com

Issuer

C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1

Valid From

January 19, 2026

Valid Until

October 06, 2026 249 days

Public Key

ECDSA 256 bit (P-256) Adequate

Signature Algorithm

ECDSA-SHA384

SHA-256 Fingerprint

CB:AF:F0:85:8F:27:F0:7C:16:C1:F2:99:F9:8D:25:7D:C2:E5:89:78:5E:17:C1:31:CC:3C:C0:B1:1A:81:E4:8C

Alternative Names

99 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15724800; includeSubDomains

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

99 domains

portal.inno2fleet.com profile.inno2fleet.com document-ms.services.inno2fleet.com profile.services.inno2fleet.com

Other domains in certificate

boston.dev.ita.ecostruxureit.xyz

dce.ecostruxurelab.com dce01.ecostruxurelab.com dce02.ecostruxurelab.com dce03.ecostruxurelab.com ita.ecostruxurelab.com ita01.ecostruxurelab.com ita02.ecostruxurelab.com ita03.ecostruxurelab.com nb3.ecostruxurelab.com

www.esyscfg.com

esps.powerlogic.com

academy.proleit.com nextcloud.proleit.com www.proleit.com

aet.schneider-electric.com app.schneider-electric.com igss.schneider-electric.com mft.schneider-electric.com mftqa.schneider-electric.com ping-sso-uat.schneider-electric.com ping-sso.schneider-electric.com schneider-electric.com series-rating.us.schneider-electric.com

qclienti.schneider-electric.it qvenditori.schneider-electric.it

api.ecostruxure-vision-qc.se.app demo.se.app ecostruxure-building-advisor.se.app ecostruxure-vision-qc.se.app ecostruxure-workplace-advisor.se.app ecostruxure-xr-operator-advisor.se.app integration.ecostruxure-microgrid-advisor-v3.se.app integration.ecostruxure-microgrid-advisor-v4.se.app prepentest.aac.ecostruxure-iiot.se.app

admin.tendergy.se.com alumni-in.se.com api-explorer.se.com auth.tendergy.se.com billing.tendergy.se.com caasprev.se.com careers.se.com community.se.com craft.tendergy.se.com dev-pasupport.se.com document.inno2fleet.se.com drp.globalams-api.se.com ecoxpert-file-service.se.com ecoxpert.se.com ect.se.com email.tendergy.se.com esocius-apac.se.com exst-ui-int.se.com exst-ui-ppr.se.com exst-ui-sit.se.com fleetbook.inno2fleet.se.com greenplant.se.com homaya.se.com industryservices-preview.se.com industryservices.se.com inno2fleet.se.com iter.se.com jira.se.com jiraprojects.se.com myorca.se.com nexus-assets-ppr.dev.se.com pasupport-content.se.com pasupport-graphql.se.com pb.se.com portailmobile-fr.se.com portal.inno2fleet.se.com preprod-pasupport.se.com preview.visionqc-colgate-api.se.com preview.visionqc-colgate.se.com prod.globalams-api.se.com profilemanager.inno2fleet.se.com recalls.se.com spdm-auth.se.com spdm-staging-auth.se.com spdm-staging-vault-france.se.com spdm-vault-france.se.com staging-pasupport-graphql.se.com staging-pasupport-videos.se.com staging-pasupport.se.com tax-platform.se.com tipi.se.com tools.ecoxpert.se.com toolsuat.ecoxpert.se.com websocket.myschneider.se.com

admin.services.tendergy.com auth.services.tendergy.com craft.services.tendergy.com email.services.tendergy.com i2g-billing-be.services.tendergy.com i2g-fleetapp-be.services.tendergy.com