Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=edusa.wisc.edu
Issuer
C=US, O=Amazon, CN=Amazon RSA 2048 M04
Valid From
November 06, 2025
Valid Until
December 05, 2026
385 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E7:25:10:4D:25:C7:5C:30:47:D4:F8:49:19:B1:6D:92:35:BC:FA:12:CA:F1:CE:C6:0B:7A:B1:DB:5A:9B:0A:4A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.0
TLS 1.1
TLS 1.2
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- • TLS 1.3 is not supported (recommended)
- • TLS 1.1 is deprecated and should be disabled
- • TLS 1.0 is deprecated and should be disabled
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
frame-ancestors
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
94 domains
actsddeea.wisc.edu
cessi.wisc.edu
edusa.wisc.edu
multilanguage.wisc.edu
survey.wisc.edu
teachonline.wisc.edu
vc.wisc.edu
visitbucky.wisc.edu
volunteer.wisc.edu
wisconsinwelcome.wisc.edu
wiscsoftware.wisc.edu
*.actsddeea.wisc.edu
*.cessi.wisc.edu
*.edusa.wisc.edu
*.multilanguage.wisc.edu
*.survey.wisc.edu
*.teachonline.wisc.edu
*.vc.wisc.edu
*.visitbucky.wisc.edu
*.volunteer.wisc.edu
*.wisconsinwelcome.wisc.edu
*.wiscsoftware.wisc.edu
bus.ems.wisc.edu
directory.genetics.wisc.edu
education.ems.wisc.edu
elections.news.wisc.edu
ems.education.wisc.edu
engr.ems.wisc.edu
fpm.ems.wisc.edu
her.cee.wisc.edu
housing.ems.wisc.edu
idia.labs.wisc.edu
library.ems.wisc.edu
music.ems.wisc.edu
mvp.virology.wisc.edu
nextgennetwork.it.wisc.edu
nursing.ems.wisc.edu
pharmacy.ems.wisc.edu
recsports.ems.wisc.edu
recwell.ems.wisc.edu
smph.ems.wisc.edu
sohe.ems.wisc.edu
son.ems.wisc.edu
stt.doit.wisc.edu
svm.ems.wisc.edu
union.ems.wisc.edu
uwmadison.ems.wisc.edu
wecan.education.wisc.edu
workspace.ems.wisc.edu
wsb.ems.wisc.edu
www2.waisman.wisc.edu
*.bus.ems.wisc.edu
*.directory.genetics.wisc.edu
*.education.ems.wisc.edu
*.elections.news.wisc.edu
*.ems.education.wisc.edu
*.engr.ems.wisc.edu
*.fpm.ems.wisc.edu
*.her.cee.wisc.edu
*.housing.ems.wisc.edu
*.idia.labs.wisc.edu
*.library.ems.wisc.edu
*.music.ems.wisc.edu
*.mvp.virology.wisc.edu
*.nextgennetwork.it.wisc.edu
*.nursing.ems.wisc.edu
*.pharmacy.ems.wisc.edu
*.recsports.ems.wisc.edu
*.recwell.ems.wisc.edu
*.smph.ems.wisc.edu
*.sohe.ems.wisc.edu
*.son.ems.wisc.edu
*.stt.doit.wisc.edu
*.svm.ems.wisc.edu
*.union.ems.wisc.edu
*.uwmadison.ems.wisc.edu
*.wecan.education.wisc.edu
*.workspace.ems.wisc.edu
*.wsb.ems.wisc.edu
*.www2.waisman.wisc.edu
redirect1.webhosting.doit.wisc.edu
*.redirect1.webhosting.doit.wisc.edu
badgerband.com
*.badgerband.com
uwc.edu
*.uwc.edu
mailservices.uwex.edu
*.mailservices.uwex.edu
www.uwex.edu
*.www.uwex.edu
www.uwsa.edu
*.www.uwsa.edu
veterans.wisconsin.edu
*.veterans.wisconsin.edu
Other domains in certificate