What is COMODO SSL Analyzer?

COMODO SSL Analyzer is an online tool that checks a specified Website to see if its SSL/TLS certificate is installed correctly or not.

You can follow these steps to try COMODO SSL Analyzer:

1. Go to https://sslanalyzer.comodoca.com.

2. Enter the URL of the Website you want to check, for example, www.visa.com.

3. Click "Analyze" button. You will see the output with these sections

Certificate Details:

Common Name - www.visa.com -
Alternative Names   promocoesvisa.com.br, www.visa.ca, visa.com, ...
Subject Name -
    commonName=www.visa.com
    organizationalUnitName=Web Services
    organizationName=Visa International Service Association
    localityName=Foster City
    stateOrProvinceName=California
    countryName=US
Serial Number - 4CBCC05084B902EEE8A078B241F59BB3
Fingerprint (SHA-256) - 854DE331FF737914C96D91EEE298FDF16A643F3A71A644777EAA5366637D2405
Valid From - Fri, 27 May 2016 00:00:00 GMT
Valid To - Sat, 26 Aug 2017 23:59:59 GMT     (Expires in 404 days)
Key - RSA (2048-bit) -
Signature - SHA-256 / RSA -
Issuer Name -
    commonName=GeoTrust SSL CA - G3
    organizationName=GeoTrust Inc.
    countryName=US
Issuer Brand - GeoTrust -
Validation Type - Organizational Validation (OV)
Trusted by Microsoft? - Yes -
Trusted by Mozilla? - Yes

Certificate Status Details:

OCSP "Stapling" - Not Supported
Must Staple?  (TLS Feature) - No

Server Details:

Software - Unknown
IP Address - 104.71.204.99
Port - 443
Hostname - a104-71-204-99.deploy.static.akamaitechnologies.com
Clock  (ServerHello.gmt_unix_time) - Randomized
Clock  (HTTP "Date:" header) - Mon, 18 Jul 2016 23:33:56 GMT     (Accurate)

Protocol Versions:

TLS v1.2 - Supported   Immune to TLS POODLE attack  -
TLS v1.1 - Supported   Immune to TLS POODLE attack  -
TLS v1.0 - Supported   Immune to TLS POODLE attack  -
SSL v3.0 - Not Supported   Immune to SSLv3 POODLE attack  -
SSL v2.0 - Not Supported   Immune to DROWN attack

Protocol Features / Problems:

Downgrade Protection  (TLS_FALLBACK_SCSV) - Supported
Secure Renegotiation  (Server-initiated) - Supported -
Secure Renegotiation  (Client-initiated) - Supported - VULNERABLE (DoS)
Legacy Renegotiation  (Client-initiated) - Unknown -
Compression - Not Supported   Immune to CRIME attack  -
Heartbeat - Not Supported   Immune to Heartbleed attack  -
Server Name Indication - Not Used
Session Resumption - Supported
Session Tickets - Supported
TLS Extension Intolerant? - No
Cipher Suite Negotiation Bug? - No
Signature Algorithms Enabled - None   Immune to SLOTH attack

Cipher Suites Enabled:

Name  (ID) - Key Size (in bits)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384  (0xC030) - 256   ECDH 256-bit (P-256) -
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256  (0xC02F) - 128   ECDH 256-bit (P-256) -
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384  (0xC028) - 256   ECDH 256-bit (P-256) -
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA  (0xC014) - 256   ECDH 256-bit (P-256) -
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256  (0xC027) - 128   ECDH 256-bit (P-256) -
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA  (0xC013) - 128   ECDH 256-bit (P-256) -
TLS_RSA_WITH_AES_256_GCM_SHA384  (0x9D) - 256 -
TLS_RSA_WITH_AES_128_GCM_SHA256  (0x9C) - 128 -
TLS_RSA_WITH_AES_256_CBC_SHA256  (0x3D) - 256 -
TLS_RSA_WITH_AES_128_CBC_SHA256  (0x3C) - 128 -
TLS_RSA_WITH_AES_128_CBC_SHA  (0x2F) - 128 -
TLS_RSA_WITH_3DES_EDE_CBC_SHA  (0xA) - 112

The picture below shows you COMODO SSL Analyzer output on www.visa.com:

⇒ COMODO SSL Analyzer Failed Example

⇐ Wormly SSL Web Server Tester Failed Example

⇑ Server Certificate Online Tools

⇑⇑ Certificates Tools