Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (922)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3189)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2561)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
DigiCert.com SSL Certificate Checker Failed Example
Is there any example of server certificate failed the validation with DigiCert.com SSL Certificate Checker?
✍: FYIcenter.com
Here is an example of server certificate failed to pass the validation of DigiCert.com SSL Certificate Checker.
1. Go to https://www.digicert.com/help/.
2. Enter this URL: www.wikipedia.com.
3. Click "CHECK SERVER" button. You will see the output with these sections:
Pass - DNS resolves www.wikipedia.com to 198.35.26.96 - HTTP Server Header: mw1212.eqiad.wmnet
Pass - SSL Certificate -
Common Name = *.wikipedia.org Subject Alternative Names = *.wikipedia.org, mediawiki.org, wikibooks.org... Issuer = GlobalSign Organization Validation CA - SHA256 - G2 Serial Number = 1121A225BA0402D791854854C8BA60686A9B SHA1 Thumbprint = 87F5BABBD897C579B66AF52FD8638B99BD1CE826 Key Length = 256 Signature algorithm = SHA256 + RSA (excellent) Secure Renegotiation: Supported
Pass - SSL Certificate has not been revoked -
OCSP Staple: Good OCSP Origin: Good CRL Status: Good
Pass - SSL Certificate expiration - The certificate expires December 10, 2016 (147 days from today)
Failed - Certificate does not match name www.wikipedia.com -
Server Certificate: Subject *.wikipedia.org Valid from 10/Dec/2015 to 10/Dec/2016 Issuer GlobalSign Organization Validation CA - SHA256 - G2 Intermediate Certificate: Subject GlobalSign Organization Validation CA - SHA256 - G2 Valid from 20/Feb/2014 to 20/Feb/2024 Issuer GlobalSign Root CA
Pass - Heartbleed Vulnerability - This server is not vulnerable to the Heartbleed Bug.
Pass - Protocol Support - TLS 1.2, TLS 1.1, TLS 1.0
Pass - SSL ciphers supported by the server - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, ...
Pass - No known vulnerable Debian keys were found
As you can see, www.wikipedia.com is using a certificate that has different name: www.wikipedia.org. If this happens to your bank Websites, it would be a major security concern.
The picture befow shows you result for www.wikipedia.com
from the Certificate Checker:
⇒ Symantec SSL/TLS Certificate Installation Checker
⇐ DigiCert.com SSL Certificate Checker
2016-10-05, 2350👍, 0💬
Popular Posts:
Certificate Summary: Subject: www.facebook.com Issuer: VeriSign, Inc., VeriSign International Server...
Certificate Summary: Subject: VeriSign Class 3 Public Primary Certification Authority - G4 Issuer: V...
What are CRL (Certificate Revocation List) and OCSP (Online Certificate Status Protocol)? I want to ...
What commands are available in the Mozilla "certutil" tool? How to get a list of those commands? If ...
Certificate Summary: Subject: Microsoft IT TLS CA 4 Issuer: Baltimore CyberTrust Root Expiration: 20...