Open
Cached
·
just now
70/100
SECURITY SCORE
Certificate Information
Subject
CN=suites.kohlcenter.com
Issuer
C=US, O=Amazon, CN=Amazon RSA 2048 M02
Valid From
February 05, 2025
Valid Until
March 06, 2026
94 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E2:74:67:23:96:71:50:87:CD:AD:89:BA:5F:90:C4:13:D7:7D:34:63:65:F1:7B:22:04:09:1B:36:E9:B6:4F:58
Alternative Names
Security Configuration
TLS Protocols
TLS 1.0
TLS 1.1
TLS 1.2
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- • TLS 1.3 is not supported (recommended)
- • TLS 1.1 is deprecated and should be disabled
- • TLS 1.0 is deprecated and should be disabled
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=15724800
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
suites.kohlcenter.com
amindian.wisc.edu
*.amindian.wisc.edu
applyita.wisc.edu
*.applyita.wisc.edu
aptli.wisc.edu
*.aptli.wisc.edu
arriolaapelolab.dysci.wisc.edu
*.arriolaapelolab.dysci.wisc.edu
artsinstitute.wisc.edu
*.artsinstitute.wisc.edu
atp.vcfa.wisc.edu
*.atp.vcfa.wisc.edu
blc.wisc.edu
*.blc.wisc.edu
brainhealthcommunity.nursing.wisc.edu
*.brainhealthcommunity.nursing.wisc.edu
cci.wisc.edu
*.cci.wisc.edu
cessi.creeca.wisc.edu
*.cessi.creeca.wisc.edu
chdi.wisc.edu
*.chdi.wisc.edu
cme.wisc.edu
*.cme.wisc.edu
contact.mcb.wisc.edu
*.contact.mcb.wisc.edu
depm.wisc.edu
*.depm.wisc.edu
finaid.wisc.edu
*.finaid.wisc.edu
gilmorebykovskyilab.nursing.wisc.edu
*.gilmorebykovskyilab.nursing.wisc.edu
globalhealth.wisc.edu
*.globalhealth.wisc.edu
globalhealthethic.wisc.edu
*.globalhealthethic.wisc.edu
globalhealthinstitute.wisc.edu
*.globalhealthinstitute.wisc.edu
guestnetid.wisc.edu
*.guestnetid.wisc.edu
healthequityscholarsprogram.medicine.wisc.edu
*.healthequityscholarsprogram.medicine.wisc.edu
hrdesign.wisc.edu
*.hrdesign.wisc.edu
ifli.wisc.edu
*.ifli.wisc.edu
insideislam.wisc.edu
*.insideislam.wisc.edu
intranet.artsinstitute.wisc.edu
*.intranet.artsinstitute.wisc.edu
ita.wisc.edu
*.ita.wisc.edu
lifelonglearning.wisc.edu
*.lifelonglearning.wisc.edu
meatandmore.wisc.edu
*.meatandmore.wisc.edu
mindfuljustice.chm.wisc.edu
*.mindfuljustice.chm.wisc.edu
moc.wisc.edu
*.moc.wisc.edu
mueller.csd.wisc.edu
*.mueller.csd.wisc.edu
muse.wisc.edu
*.muse.wisc.edu
ocpd.wisc.edu
*.ocpd.wisc.edu
oed.wisc.edu
*.oed.wisc.edu
online-undergrad.wisc.edu
*.online-undergrad.wisc.edu
payments.union.wisc.edu
*.payments.union.wisc.edu
planetaryhealth.wisc.edu
*.planetaryhealth.wisc.edu
religion.wisc.edu
*.religion.wisc.edu
sage.wisc.edu
*.sage.wisc.edu
senes.biochem.wisc.edu
*.senes.biochem.wisc.edu
shop.chazen.wisc.edu
*.shop.chazen.wisc.edu
supportstudy.nursing.wisc.edu
*.supportstudy.nursing.wisc.edu
thomaslab.sohe.wisc.edu
*.thomaslab.sohe.wisc.edu
threads.sohe.wisc.edu
*.threads.sohe.wisc.edu
uclub.wisc.edu
*.uclub.wisc.edu
uwpolice.wisc.edu
*.uwpolice.wisc.edu
uwwritersinstitute.wisc.edu
*.uwwritersinstitute.wisc.edu
visualculture.wisc.edu
*.visualculture.wisc.edu
wholehealth.wisc.edu
*.wholehealth.wisc.edu
widiabetesregistry.pophealth.wisc.edu
Other domains in certificate