Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (922)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3189)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2561)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
Symantec SSL/TLS Certificate Installation Checker Failed Example
Is there any example of server certificate failed to pass the validation of Symantec SSL/TLS Certificate Installation Checker?
✍: FYIcenter.com
Here is an example of server certificate failed to pass the validation
of Symantec SSL/TLS Certificate Installation Checker.
1. Go to https://cryptoreport.websecurity.symantec.com/checker/views/certCheck.jsp
2. Enter this URL: www.wikipedia.com.
3. Click "Check" button. You will see the output with these sections:
Failed - Certificate is not installed correctly:
www.wikipedia.com You have 2 errors: RSA wrong certificate installed. The domain name does not match the certificate common name or SAN. ECC wrong certificate installed. The domain name does not match the certificate common name or SAN. Info - The BEAST attack is not mitigated on this server.
Chain installation - 2 certificates found, RSA and ECC:
RSA certificate information: Common name: *.wikipedia.org SAN: *.wikipedia.org, mediawiki.org, wikibooks.org, wikidata.org, ... Organization: Wikimedia Foundation, Inc. Organizational unit: City/locality: San Francisco State/province: California Country: US Certificate Transparency: Not embedded in certificate Serial number: 1121f69545b2bae5a6f9553566c7120194ce Algorithm type: SHA256withRSA Key size: 2048 Valid from: 2015-Dec-10 22:46:04 GMT Valid to: 2016-Dec-10 22:46:04 GMT Certificate status: Valid Revocation check method: OCSP ECC certificate information: Common name: *.wikipedia.org SAN: *.wikipedia.org, mediawiki.org, wikibooks.org, wikidata.org, ... Organization: Wikimedia Foundation, Inc. Organizational unit: City/locality: San Francisco State/province: California Country: US Certificate Transparency: Not embedded in certificate Serial number: 1121a225ba0402d791854854c8ba60686a9b Algorithm type: SHA256withRSA Key size: 256 Valid from: 2015-Dec-10 23:22:05 GMT Valid to: 2016-Dec-10 22:46:04 GMT Certificate status: Valid Revocation check method: OCSP
Server configuration:
Host name: text-lb.eqiad.wikimedia.org Server type: mw1185.eqiad.wmnet IP address: 208.80.154.224 Port number: 443 Secure Renegotiation: Enabled Downgrade attack prevention: Enabled Next Protocol Negotiation: Enabled Session resumption (caching): Enabled Session resumption (tickets): Not Enabled Strict Transport Security (HSTS): Enabled (max-age=31536000; includeSubDomains; preload) SSL/TLS compression: Not Enabled Heartbeat (extension): Enabled RC4: Not Enabled OCSP stapling: Enabled Protocols enabled: TLS1.2, TLS1.1, TLS1.0 Protocols not enabled: SSLv3, SSLv2
Vulnerabilities checked:
Heartbleed Poodle (TLS) Poodle (SSLv3) FREAK BEAST - Yellow CRIME
The picture befow shows you Symantec SSL/TLS Certificate Installation Checker
output on www.wikipedia.com:
⇒ Wormly SSL Web Server Tester
⇐ Symantec SSL/TLS Certificate Installation Checker
2016-10-05, 2232👍, 0💬
Popular Posts:
Certificate Summary: Subject: Starfield Services Root Certificate Authority - G2 Issuer: Starfield C...
Certificate Summary: Subject: google.com Issuer: Google Internet Authority Expiration: 2013-12-30 00...
How to see more security related information on View Page Info in Google Chrome 29? To see more secu...
What is the purpose of the OpenSSL "rsautl -sign" command? Can I use it to sign a document? Yes, you...
How to print out information from a certificate stored in cert8.db file? If you want to print out in...