SSL Certificate Analysis for zohodomains.com - Security Grade & TLS Configuration

Open Cached · just now

86/100 SECURITY SCORE

Certificate Information

Subject

CN=www.thezoho.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

September 16, 2025

Valid Until

December 15, 2025 30 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

8A:82:3D:12:62:55:12:44:40:3F:68:A8:95:53:0E:F0:7D:FC:AB:AB:CC:5F:DD:82:30:2B:F9:23:F1:6C:B6:4B

Alternative Names

99 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=64072000; includeSubDomains; preload

Content-Security-Policy

Basic

script-src; connect-src; frame-src

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

99 domains

zohodomains.com www.zohodomains.com

Other domains in certificate

delugelang.com

forums.manageengine.com

postipo-nonprofit.com

postipo-nonprofits.com

postipononprofit.com

salesinbox.com

notifications.sdpondemand.com sdpondemand.com www.sdpondemand.com

thezoho.com www.thezoho.com

transmail.com

transmail.net

zakya.com

www.zconfirmation.com zconfirmation.com

zcsend.net

www.zinvitation.com zinvitation.com

zoho-inventory.com

api.wiki.zoho.com apihelp.zoho.com help.api.zoho.com kbase.creator.zoho.com zohosites.wiki.zoho.com

zoho.com.mx

zoho.net

zoho.uno

zohoaccounts.com

www.zohoappcreator.com

zohoassist.com

zohobluepencil.com

www.zohobooks.com zohobooks.com

forums.zohochallenge.com

zohocompany.com

zohoconnect.com

forums.zohocreator.com

announcements.zohocrm.com kbase.zohocrm.com mailer.zohocrm.com mailer1.zohocrm.com mailer2.zohocrm.com mailer3.zohocrm.com notifications.zohocrm.com notify.zohocrm.com sender.zohocrm.com zohocrm.com

www.zohodesk.com zohodesk.com

zohodns.com

forums.zohodocs.com

zohoexpense.com

zohoexpenses.com

zohoforms.com

www.zohogadgets.com zohogadgets.com

www.zohoinventory.com zohoinventory.com

zohoinventorymanagement.com

www.zohoinvoice.com zohoinvoice.com

zoholivedesk.com

zohom.com

www.zohomail.com zohomail.com

crm.zohomarketplace.com www.zohomarketplace.com zohomarketplace.com

www.zohonote.com zohonote.com

www.zohonotes.com zohonotes.com

zohoordermanagement.com

www.zohopresenter.com zohopresenter.com

forums.zohoreports.com mail.zohoreports.com zohoreports.com

www.zohosalesiq.com zohosalesiq.com

zohosheet.com

internal.zohosites.com mailers.zohosites.com users.zohosites.com www.zohosites.com zohosites.com

zohosocial.com

forums.zohostore.com payments.zohostore.com

www.zohosubscription.com

zohosupport.com

zohouno.com

zohoworkplace.com

m.zohowriter.com mobile.zohowriter.com zohowriter.com