Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
C=FR, ST=Île-de-France, L=Rueil-Malmaison, O=Schneider Electric Industries SAS, CN=schneider-electric.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
January 21, 2026
Valid Until
August 25, 2026
204 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
CD:7D:6C:87:0F:78:25:BB:44:C7:42:B8:38:06:2C:8D:53:22:E0:81:58:EB:7E:76:BC:C9:1B:46:0C:F4:2B:FA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; child-src; script-src; +10 more
default-src 'none'; child-src https://*.arcfmsolution.com/; script-src https://resources.arcfmsolution.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-hashes' 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self'; frame-src 'self'; frame-ancestors https://*.arcfmsolution.com 'self'; img-src https://resources.arcfmsolution.com/favicon.ico 'self'; form-action 'self'; worker-src 'none';
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
97 domains
resources.arcfmsolution.com
club-jp.apc.com
mng.club-jp.apc.com
partner.club-jp.apc.com
smartconnect.apc.com
updates.apc.com
www-pre.smartconnect.apc.com
www.smartconnect.apc.com
rewards.draytoncontrols.co.uk
wiser.draytoncontrols.co.uk
www.draytoncontrols.co.uk
account.feller.ch
apps.feller.ch
catalogo-online.feller.ch
catalogue-online.feller.ch
clixx.feller.ch
clixxdebug.feller.ch
disposuite.feller.ch
id-staging.feller.ch
id.feller.ch
online-katalog.feller.ch
portal.feller.ch
www.go2se.com
digitalpackage.schneider-electric.com
events.schneider-electric.com
help.struxureware.schneider-electric.com
pricing.ems.schneider-electric.com
schneider-electric.com
eplus.schneider-electric.cz
campus-digital.schneider-electric.fr
www.document.schneider-electric.fr
events.schneider-electric.it
api.ecostruxure-energy-access-expert.se.app
api.exchange.se.app
dfl-intgr.ecostruxure.se.app
dfl-prev.ecostruxure.se.app
dfl-solar.ecostruxure.se.app
dfl.ecostruxure.se.app
ecostruxure-architecture-builder.se.app
ecostruxure-building-advisor-hvac-optimization.se.app
ecostruxure-building-advisor-ppd.se.app
ecostruxure-building-platform-api-uat.se.app
ecostruxure-building-platform-api.se.app
ecostruxure-building-platform-uat.se.app
ecostruxure-building-platform.se.app
ecostruxure-control-engineering.se.app
ecostruxure-energy-access-expert.se.app
ecostruxure-energy-one.se.app
ecostruxure-microgrid-advisor.se.app
ecostruxure-microgrid-build.se.app
ecostruxure-microgrid-dih.se.app
ecostruxure-power-advisor.se.app
ecostruxure-power-build-contractors.se.app
ecostruxure-power-build-mv.se.app
ecostruxure-specification.se.app
ecostruxure-transformer-expert.se.app
int.api.exchange.se.app
ppr.aos-core.ecostruxure-asset-advisor-ed.se.app
ppr.ecostruxure-asset-advisor-ed.se.app
preproduction.ecostruxure-microgrid-assessment.se.app
sandbox.api.exchange.se.app
sandbox.int.api.exchange.se.app
sandbox.sit.api.exchange.se.app
sandbox.uat.api.exchange.se.app
sit.api.exchange.se.app
stg.ecostruxure-energy-one.se.app
uat.api.exchange.se.app
alpha.layoutfast.se.com
altivardpr.se.com
canalverde.se.com
custom-enclosures.se.com
devportal.exchange.se.com
devportal.exst-ui-int.se.com
devportal.exst-ui-sit.se.com
devportal.exst-ui-uat.se.com
digicat.se.com
dkbmsdemo.se.com
ecostruxure-building-help.se.com
exchange.se.com
flipbook.se.com
layoutfast.se.com
monitor-bridge.dev.se.com
monitor-bridge.qa.se.com
monitor-bridge.se.com
pasupport.se.com
ums-ppr.se.com
ums.se.com
volunteerin.se.com
vtmeajp.se.com
vtmeajptest.se.com
wdquote.se.com
www.seventures.com
www.studiecd.dk
www.tekdok.dk
www.transfo-services.fr
admin.vypinac.cz
www.vypinac.cz
Other domains in certificate