DigiCert.com SSL Certificate Checker Failed Example
Is there any example of server certificate failed the validation with DigiCert.com SSL Certificate Checker?
Here is an example of server certificate failed to pass the validation of DigiCert.com SSL Certificate Checker.
1. Go to https://www.digicert.com/help/.
2. Enter this URL: www.wikipedia.com.
3. Click "CHECK SERVER" button. You will see the output with these sections:
Pass - DNS resolves www.wikipedia.com to 18.104.22.168 - HTTP Server Header: mw1212.eqiad.wmnet
Pass - SSL Certificate -
Common Name = *.wikipedia.org Subject Alternative Names = *.wikipedia.org, mediawiki.org, wikibooks.org... Issuer = GlobalSign Organization Validation CA - SHA256 - G2 Serial Number = 1121A225BA0402D791854854C8BA60686A9B SHA1 Thumbprint = 87F5BABBD897C579B66AF52FD8638B99BD1CE826 Key Length = 256 Signature algorithm = SHA256 + RSA (excellent) Secure Renegotiation: Supported
Pass - SSL Certificate has not been revoked -
OCSP Staple: Good OCSP Origin: Good CRL Status: Good
Pass - SSL Certificate expiration - The certificate expires December 10, 2016 (147 days from today)
Failed - Certificate does not match name www.wikipedia.com -
Server Certificate: Subject *.wikipedia.org Valid from 10/Dec/2015 to 10/Dec/2016 Issuer GlobalSign Organization Validation CA - SHA256 - G2 Intermediate Certificate: Subject GlobalSign Organization Validation CA - SHA256 - G2 Valid from 20/Feb/2014 to 20/Feb/2024 Issuer GlobalSign Root CA
Pass - Heartbleed Vulnerability - This server is not vulnerable to the Heartbleed Bug.
Pass - Protocol Support - TLS 1.2, TLS 1.1, TLS 1.0
Pass - SSL ciphers supported by the server - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, ...
Pass - No known vulnerable Debian keys were found
As you can see, www.wikipedia.com is using a certificate that has different name: www.wikipedia.org. If this happens to your bank Websites, it would be a major security concern.
The picture befow shows you result for www.wikipedia.com
from the Certificate Checker:
2016-10-05, 2229👍, 0💬
Certificate Summary: Subject: AddTrust Class 1 CA Root Issuer: AddTrust Class 1 CA Root Expiration: ...
Certificate Summary: Subject: ACCVRAIZ1 Issuer: ACCVRAIZ1 Expiration: 2030-12-31 09:37:37 UTC Key Id...
Why am I getting the "data too large for key size" error with OpenSSL "rsautl -encrypt -raw" command...
How to create a self-signed root certificate using "makecert.exe"? I want to issue and sign certific...
Where is the default trusted certificate keystore file located on my Windows computer? I think I hav...