updated: Sunday, 21 April 2019, 00:06:32


Validity

Valid fromWednesday, 07 December 2016, 00:00:00
Valid untilWednesday, 29 January 2020, 12:00:00
Certificate Matches Server Hostnameyes (colorado.gov)
Trust Store 'Apple - OS X 10.9.2'ok
Trust Store 'Mozilla NSS - 01/2014'ok (not EV)
Trust Store 'Microsoft - 04/2014'ok
Trust Store 'Java 6 - Update 65'ok
OCSPServer did not send back an OCSP response

Vulnerability

Heartbleed (CVE-2014-0160)NOT vulnerable (ok)
Session Resumption With TLS Ticketsno
Session Resumption With Session IDs5 / 5
Session Renegotiation Can Be Client Initiatedyes
TLS compressionno

Server

SSL Report Forcolorado.gov (165.127.10.10:443)
OCSP staplingno

Certificate

Common Name*.colorado.gov
Alternative names*.colorado.gov, colorado.gov, www.colorado.gov, test.colorado.gov
KeyrsaEncryption, 2048 bit
OrganizationColorado Interactive LLC
State/ProvinceColorado
CountryUS
LocalityDenver
IssuerDigiCert SHA2 Secure Server CA, US
Signature algorithmsha256WithRSAEncryption
Revocation CRLCRL (http://crl3.digicert.com/ssca-sha2-g5.crl)
Revocation OCSPOCSP (http://ocsp.digicert.com)
Labels in table: strong strong, default for protocol weak vulnerable

TLS 1.2TLS 1.1TLS 1.0SSL 3SSL 2
AES128-SHA128128
AES256-SHA256256
DES-CBC3-SHA168168
AES256-SHA256256
AES128-SHA256128
ECDHE-RSA-RC4-SHA
EDH-DSS-DES-CBC-SHA
ECDHE-RSA-NULL-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-RSA-AES256-SHA384
EDH-DSS-DES-CBC3-SHA
EDH-RSA-DES-CBC-SHA
EXP-DES-CBC-SHA
EXP-ADH-RC4-MD5
ECDHE-RSA-AES256-SHA
EXP-EDH-DSS-DES-CBC-SHA
EDH-RSA-DES-CBC3-SHA
EXP-ADH-DES-CBC-SHA
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA
ECDHE-ECDSA-DES-CBC3-SHA
ECDHE-ECDSA-NULL-SHA
ECDHE-RSA-AES128-SHA256
EXP-EDH-RSA-DES-CBC-SHA
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-RC4-SHA
ECDHE-RSA-AES256-GCM-SHA384
NULL-MD5
SRP-DSS-AES-128-CBC-SHA
SRP-DSS-AES-256-CBC-SHA
SRP-DSS-3DES-EDE-CBC-SHA
SRP-AES-256-CBC-SHA
SRP-AES-128-CBC-SHA
SRP-RSA-3DES-EDE-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
IDEA-CBC-MD5
RC2-CBC-MD5
DES-CBC3-MD5
DES-CBC-MD5
SRP-RSA-AES-256-CBC-SHA
SRP-3DES-EDE-CBC-SHA
SEED-SHA
NULL-SHA
NULL-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
IDEA-CBC-SHA
EXP-RC4-MD5
PSK-3DES-EDE-CBC-SHA
PSK-AES128-CBC-SHA
RC4-SHA
RC4-MD5
PSK-RC4-SHA
PSK-AES256-CBC-SHA
EXP-RC2-CBC-MD5
ECDH-RSA-RC4-SHA
CAMELLIA128-SHA
CAMELLIA256-SHA
AES256-GCM-SHA384
AES128-GCM-SHA256
AECDH-NULL-SHA
AECDH-RC4-SHA
DES-CBC-SHA
DHE-DSS-AES128-GCM-SHA256
DHE-DSS-AES256-SHA
DHE-DSS-AES256-SHA256
DHE-DSS-AES256-GCM-SHA384
DHE-DSS-AES128-SHA256
DHE-DSS-AES128-SHA
AECDH-DES-CBC3-SHA
AECDH-AES256-SHA
ADH-AES256-SHA
ADH-AES256-SHA256
ADH-AES256-GCM-SHA384
ADH-AES128-SHA256
ADH-AES128-SHA
ADH-CAMELLIA128-SHA
ADH-CAMELLIA256-SHA
ADH-SEED-SHA
AECDH-AES128-SHA
ADH-RC4-MD5
ADH-DES-CBC3-SHA
ADH-DES-CBC-SHA
DHE-DSS-CAMELLIA128-SHA
DHE-DSS-CAMELLIA256-SHA
ECDH-ECDSA-RC4-SHA
ECDH-RSA-AES128-GCM-SHA256
ECDH-ECDSA-NULL-SHA
ECDH-ECDSA-DES-CBC3-SHA
ECDH-ECDSA-AES256-SHA
ECDH-ECDSA-AES256-SHA384
ECDH-RSA-AES128-SHA
ECDH-RSA-AES128-SHA256
ECDH-RSA-DES-CBC3-SHA
ECDH-RSA-NULL-SHA
ECDH-RSA-AES256-SHA384
ECDH-RSA-AES256-SHA
ECDH-RSA-AES256-GCM-SHA384
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-ECDSA-AES128-SHA256
DHE-RSA-AES128-SHA256
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-SHA
DHE-RSA-AES128-GCM-SHA256
DHE-DSS-SEED-SHA
DHE-RSA-AES256-SHA
DHE-RSA-AES256-SHA256
ECDH-ECDSA-AES128-GCM-SHA256
ECDH-ECDSA-AES128-SHA
DHE-RSA-SEED-SHA
DHE-RSA-CAMELLIA256-SHA
DHE-RSA-CAMELLIA128-SHA
ADH-AES128-GCM-SHA256
Trusted By Apple - OS X 10.9.2
colorado.gov (165.127.10.10:443)
Trusted By Apple - OS X 10.9.2
Trusted By Java 6 - Update 65
colorado.gov (165.127.10.10:443)
Trusted By Java 6 - Update 65
Trusted By Microsoft - 04/2014
colorado.gov (165.127.10.10:443)
Trusted By Microsoft - 04/2014
Trusted By Mozilla NSS - 01/2014
colorado.gov (165.127.10.10:443)
Trusted By Mozilla NSS - 01/2014
Server did not send back an OCSP response
OCSP
Server did not send back an OCSP response
https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html
Session Renegotiation Can Be Client Initiated
colorado.gov (165.127.10.10:443)