SSL Certificate Analysis for www.myappleid.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Apple ID

Certificate Information

Subject

C=US, ST=California, O=Apple Inc., CN=me.com

Issuer

C=US, O=Apple Inc., CN=Apple Public Server RSA CA 1 - G1

Valid From

March 24, 2026

Valid Until

June 22, 2026 61 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

CA:18:E3:82:6A:AD:FE:3B:CD:F0:7D:F3:83:59:E7:A0:25:8F:8B:CB:EB:59:4E:5D:5C:9D:9E:4C:77:C9:AE:F9

Alternative Names

57 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Good

default-src; connect-src; font-src; +6 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

origin

Permissions-Policy

Missing

Not configured

Recommendations

• Strengthen CSP by removing 'unsafe-eval'
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Configured (Restricts certificate issuance)

Current Issuer

Not Authorized (Potential misconfiguration)

Authorized CAs

pki.apple.com

Wildcard CAs

pki.apple.com

Incident Reporting

mailto:[email protected]

CAA Issues

• CRITICAL: Current certificate issuer 'C=US, O=Apple Inc., CN=Apple Public Server RSA CA 1 - G1' is NOT authorized by CAA records. Authorized CAs: pki.apple.com

Recommendations

• Consider using critical flag (flags=128) for stricter CAA enforcement

Subject Alternative Names

57 domains

myappleid.com www.myappleid.com

Other domains in certificate

me.com www.me.com

metapushpin.com www.metapushpin.com

mobileme.com www.mobileme.com

myicloudid.com www.myicloudid.com

myiphoneid.com www.myiphoneid.com

newton.com www.newton.com

next.com www.next.com

nothingreal.com www.nothingreal.com

omegamap.com www.omegamap.com

oneline-apple-store.com www.oneline-apple-store.com

online-apple-store.com www.online-apple-store.com

onlineapplestore.com www.onlineapplestore.com

orchardatapple.com www.orchardatapple.com

orchardisdope.com www.orchardisdope.com

mandrill.organicfruitapps.com resources.organicfruitapps.com union.organicfruitapps.com

osxlionlaunchpad.com www.osxlionlaunchpad.com

pixelmatorpro.com www.pixelmatorpro.com

pixelmatorteam.com www.pixelmatorteam.com

playquicktime.com www.playquicktime.com

polyesterdinosaur.com www.polyesterdinosaur.com

powerbook.com www.powerbook.com

prismo.com www.prismo.com

publishing-research.com

publishing-survey.com

publishingsurvey.com

qapple.com www.qapple.com

quicktime.com www.quicktime.com

quicktimestreaming.com

quicktimetv.com www.quicktimetv.com