SSL configuration checker

The date range during which the SSL certificate is valid.

Checks if the domain is listed by the CA authority in the Certificate Revocation List.

The Online Certificate Status Protocol is checked as an alternative to determine the revocation status of an X.509 standard SSL certificate.

Verify whether the domain name in the request is listed in the actual SSL certificate Common Name or Subject Alternative Name fields.

Certificates can be self-signed. they do not require a Certificate Authority to be valid. Your connection to self-signed certificates is encrypted but results in browser warnings. Malicious sites and applications may use self-signed certificates.

Obsolete and non-recommended protocols supported by the certificate.

The list of weaker cipher suites that can be used by the certificate.

Checks if this extension is installed and has been fixed against the Heartbleed bug security issue on the target SSL certificate.

The Transport Layer Security Authentication (TLSA) is tested against recommended configurations.

The Transport Layer Security Authentication (TLSA) is tested against recommended configurations.

Certificates listed in the Debian blacklist may represent significant security risks. This test results will indicate if the certificate public key is listed there.

This method should be enabled in order to provide a better user experience.