Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (71)
EC Keys (1854)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (5380)
Revoked Certificates (16)
Root CA (85)
RSA Keys (4393)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
High-Tech Bridge Free SSL Server Tester Failed Example
Is there any example of server certificate failed to pass the validation of High-Tech Bridge Free SSL Server Tester?
✍: FYIcenter.com
Here is an example of server certificate failed to pass the validation
of High-Tech Bridge Free SSL Server Tester.
1. Go to https://www.htbridge.com/ssl/.
2. Enter this URL: www.wikipedia.com.
3. Click "Submit" icon. You will see the output of the test:
Summary of www.wikipedia.com SSL/TLS Security Test - The final grade should be "F", because of the wrong certificate:
FINAL GRADE: A COMPLIANT WITH PCI DSS: Pass HORT: 208.80.154.224:443 The server prefers cipher suites supporting Perfect-Forward-Secrecy The certificate is untrusted
SSL Certificate Overview:
Common Name - *.wikipedia.org subjectAltName - DNS:*.wikipedia.org, DNS:mediawiki.org, DNS:wikibooks.org, ... ...
Test for Compliance with NIST Guidelines:
SERVER KEY IS SIGNED WITH A WRONG ALGORITHM The server public key has not been signed by the proper algorithm according to NIST guidelines. DIFFIE-HELLMAN PARAMETER SIZE The size of your Diffie-Hellman (DH) parameter: 2048 bits SUPPORTED ELLIPTIC CURVES P-256 (prime256v1) (256 bits) ...
Test for Compliance with PCI DSS Requirements:
CERTIFICATE IS UNTRUSTED The certificate is untrusted due to the following reason(s): The certificate is issued for a different hostname DIFFIE-HELLMAN PARAMETER SIZE The size of your Diffie-Hellman (DH) parameter: 2048 bits ...
Test for Industry Best-Practices:
CERTIFICATE IS NOT EV The certificate is NOT an Extended Validation (EV) certificate. SERVER SUPPORTS TLSv1.2 The server supports TLSv1.2 which is the only SSL/TLS protocol that currently has no known flaws or exploitable weaknesses. SERVER PREFERS PFS ENABLED CIPHER SUITES For TLS family of protocols, the server prefers cipher suite(s) providing Perfect Forward Secrecy (PFS). HTTP SITE DOES NOT REDIRECT The HTTP version of the website does not redirect to the HTTPS version. We advise to enable redirection. SERVER DOES NOT PROVIDE HSTS The server does not send the HTTP-Strict-Transport-Security. We advise to enable it to enforce the user to browse the website in HTTPS. ...
Web Server Security Overview:
Overview Your grade for web server security is "F". This test doesn't impact your SSL/TLS score. ...
The picture befow shows you High-Tech Bridge Free SSL Server Tester
output on www.wikipedia.com:
⇐ High-Tech Bridge Free SSL Server Tester
2016-10-08, 1590👍, 0💬
Popular Posts:
Certificate summary - Owner: GlobalSign, GlobalSign, GlobalSign Root CA - R2 Issuer: GlobalSign Root...
Do you have trouble generating a self-signed certificate or a Certificate Signing Request (CSR)? Do ...
How to use the "keytool -certreq" command? I have have created a new pair of public key and private ...
Why I am getting the "Your connection is not private" error screen in Google Chrome? I am using a we...
Certificate Summary: Subject: Sectigo RSA Domain Validation Secure Server CA Issuer: USERTrust RSA C...