DigiCert.com SSL Certificate Checker Failed Example

Q

Is there any example of server certificate failed the validation with DigiCert.com SSL Certificate Checker?

✍: FYIcenter.com

A

Here is an example of server certificate failed to pass the validation of DigiCert.com SSL Certificate Checker.

1. Go to https://www.digicert.com/help/.

2. Enter this URL: www.wikipedia.com.

3. Click "CHECK SERVER" button. You will see the output with these sections:

Pass - DNS resolves www.wikipedia.com to 198.35.26.96 - HTTP Server Header: mw1212.eqiad.wmnet

Pass - SSL Certificate -

Common Name = *.wikipedia.org
Subject Alternative Names = *.wikipedia.org, mediawiki.org, wikibooks.org...
Issuer = GlobalSign Organization Validation CA - SHA256 - G2
Serial Number = 1121A225BA0402D791854854C8BA60686A9B
SHA1 Thumbprint = 87F5BABBD897C579B66AF52FD8638B99BD1CE826
Key Length = 256
Signature algorithm = SHA256 + RSA (excellent)
Secure Renegotiation: Supported

Pass - SSL Certificate has not been revoked -

OCSP Staple: 	Good
OCSP Origin: 	Good
CRL Status: 	Good

Pass - SSL Certificate expiration - The certificate expires December 10, 2016 (147 days from today)

Failed - Certificate does not match name www.wikipedia.com -

Server Certificate:
    Subject	*.wikipedia.org
    Valid from 10/Dec/2015 to 10/Dec/2016
    Issuer	GlobalSign Organization Validation CA - SHA256 - G2

Intermediate Certificate:
    Subject	GlobalSign Organization Validation CA - SHA256 - G2
    Valid from 20/Feb/2014 to 20/Feb/2024
    Issuer	GlobalSign Root CA

Pass - Heartbleed Vulnerability - This server is not vulnerable to the Heartbleed Bug.

Pass - Protocol Support - TLS 1.2, TLS 1.1, TLS 1.0

Pass - SSL ciphers supported by the server - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, ...

Pass - No known vulnerable Debian keys were found

As you can see, www.wikipedia.com is using a certificate that has different name: www.wikipedia.org. If this happens to your bank Websites, it would be a major security concern.

The picture befow shows you result for www.wikipedia.com from the Certificate Checker:
DigiCert SSL Certificate Checher Failed Example

 

Symantec SSL/TLS Certificate Installation Checker

DigiCert.com SSL Certificate Checker

Server Certificate Online Tools

⇑⇑ Certificates Tools

2016-10-05, 1844👍, 0💬