SSL Certificate Analysis for webmail.wordcounttool.com - Security Grade & TLS Configuration

Subject

CN=webmail.recipes.net

Issuer

C=US, O=Let's Encrypt, CN=R11

Valid From

February 11, 2025

Valid Until

May 12, 2025 Expired

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

6E:50:34:09:7F:1B:DF:98:C6:FF:E5:83:83:1D:D6:21:72:02:B3:DD:25:13:86:03:CC:4B:7A:9D:A5:96:5C:C7

Alternative Names

TLS Protocols

TLS 1.2

Forward Secrecy

Limited (Check cipher configuration)

Warnings

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports