Categories:
DH Keys (39)
DSA Keys (70)
EC Keys (345)
Firefox (32)
General (13)
Google Chrome (25)
Intermediate CA (152)
Java VM (20)
JDK Keytool (25)
Microsoft CertUtil (26)
Mozilla CertUtil (18)
OpenSSL (237)
Other (17)
Portecle (38)
Publishers (1953)
Revoked Certificates (30)
Root CA (87)
RSA Keys (1902)
Tools (47)
Tutorial (7)
What Is (21)
Windows (129)
Collections:
Other Resources:
High-Tech Bridge Free SSL Server Tester Failed Example
Is there any example of server certificate failed to pass the validation of High-Tech Bridge Free SSL Server Tester?
✍: FYIcenter.com
Here is an example of server certificate failed to pass the validation
of High-Tech Bridge Free SSL Server Tester.
1. Go to https://www.htbridge.com/ssl/.
2. Enter this URL: www.wikipedia.com.
3. Click "Submit" icon. You will see the output of the test:
Summary of www.wikipedia.com SSL/TLS Security Test - The final grade should be "F", because of the wrong certificate:
FINAL GRADE: A COMPLIANT WITH PCI DSS: Pass HORT: 208.80.154.224:443 The server prefers cipher suites supporting Perfect-Forward-Secrecy The certificate is untrusted
SSL Certificate Overview:
Common Name - *.wikipedia.org subjectAltName - DNS:*.wikipedia.org, DNS:mediawiki.org, DNS:wikibooks.org, ... ...
Test for Compliance with NIST Guidelines:
SERVER KEY IS SIGNED WITH A WRONG ALGORITHM The server public key has not been signed by the proper algorithm according to NIST guidelines. DIFFIE-HELLMAN PARAMETER SIZE The size of your Diffie-Hellman (DH) parameter: 2048 bits SUPPORTED ELLIPTIC CURVES P-256 (prime256v1) (256 bits) ...
Test for Compliance with PCI DSS Requirements:
CERTIFICATE IS UNTRUSTED The certificate is untrusted due to the following reason(s): The certificate is issued for a different hostname DIFFIE-HELLMAN PARAMETER SIZE The size of your Diffie-Hellman (DH) parameter: 2048 bits ...
Test for Industry Best-Practices:
CERTIFICATE IS NOT EV The certificate is NOT an Extended Validation (EV) certificate. SERVER SUPPORTS TLSv1.2 The server supports TLSv1.2 which is the only SSL/TLS protocol that currently has no known flaws or exploitable weaknesses. SERVER PREFERS PFS ENABLED CIPHER SUITES For TLS family of protocols, the server prefers cipher suite(s) providing Perfect Forward Secrecy (PFS). HTTP SITE DOES NOT REDIRECT The HTTP version of the website does not redirect to the HTTPS version. We advise to enable redirection. SERVER DOES NOT PROVIDE HSTS The server does not send the HTTP-Strict-Transport-Security. We advise to enable it to enforce the user to browse the website in HTTPS. ...
Web Server Security Overview:
Overview Your grade for web server security is "F". This test doesn't impact your SSL/TLS score. ...
The picture befow shows you High-Tech Bridge Free SSL Server Tester
output on www.wikipedia.com:
⇐ High-Tech Bridge Free SSL Server Tester
2016-10-08, 1125👍, 0💬
Popular Posts:
How to install JDK 1.7 on Windows? I have "jdk-7u5-windows-i586.ex e"download on my desktop. If you ...
How to start "certmgr.exe" on Windows 7? I know it is installed on my system as part of Visual Studi...
Can I continue to use the Web site, even if it has the "Your connection is not secure" error? Normal...
Certificate summary - Owner: Microsoft Internet Authority Issuer: Baltimore CyberTrust Root, CyberTr...
How to read the connection information on the page properties screen in IE? What is the meaning of "...