updated: Monday, 18 September 2017, 01:16:59


Validity

Valid fromMonday, 18 July 2016, 00:00:00
Valid untilTuesday, 18 July 2017, 23:59:59
Certificate Matches Server Hostnameyes (fanboom.net)
Trust Store 'Apple - OS X 10.9.2'certificate has expired
Trust Store 'Mozilla NSS - 01/2014'certificate has expired
Trust Store 'Microsoft - 04/2014'certificate has expired
Trust Store 'Java 6 - Update 65'certificate has expired
OCSPServer did not send back an OCSP response

Vulnerability

Heartbleed (CVE-2014-0160)NOT vulnerable (ok)
Session Resumption With TLS Ticketsno
Session Resumption With Session IDs5 / 5
Session Renegotiation Can Be Client Initiatedyes
TLS compressionno
Renegotiation (CVE 2009-3555)Patched Server detected (0,1), probably ok
CRIME, TLS (CVE-2012-4929)NOT vulnerable (ok)

Server

SSL Report Forfanboom.net (107.22.169.254:443)
OCSP staplingno
HSTSno
Server(None, strange)
Application (None)
Default negotiated protocolTLSv1.2
Default negotiated cipherECDHE-RSA-AES128-GCM-SHA256
Default server key size2048 bit
TLS server extensionsrenegotiation info, EC point formats
Session Tickets RFC 5077(none)
SPDY/NPNnot offered

Certificate

Common Namefanboom.net
Alternative namesfanboom.net, www.fanboom.net
KeyrsaEncryption, 2048 bit
IssuerCOMODO RSA Domain Validation Secure Server CA, GB
Signature algorithmsha256WithRSAEncryption
Revocation CRLCRL (http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl)
Revocation OCSPOCSP (http://ocsp.comodoca.com)

Protocols

SSL 2NOT offered (ok)
SSL 3offered
TLS 1.0offered (ok)
TLS 1.1offered (ok)
TLS 1.2offered (ok)

Standard cipher lists

Null CipherNOT offered (ok)
Anonymous NULL CipherNOT offered (ok)
Anonymous DH CipherNOT offered (ok)
40 Bit encryptionNOT offered (ok)
56 Bit encryptionNOT offered (ok)
DES CipherNOT offered (ok)
Triple DES Ciphernot offered
Medium grade encryptionoffered
High grade encryptionoffered (ok)
Labels in table: strong strong, default for protocol weak vulnerable

TLS 1.2TLS 1.1TLS 1.0SSL 3SSL 2
ECDHE-RSA-AES128-SHA128128128128
ECDHE-RSA-AES128-GCM-SHA256128
ECDHE-RSA-AES256-SHA256256256256
AES256-SHA256256256256
DHE-RSA-AES128-SHA128128128128
ECDHE-RSA-RC4-SHA128128128128
RC4-SHA128128128128
AES128-SHA128128128128
AES256-SHA256256
ECDHE-RSA-AES256-GCM-SHA384256
AES256-GCM-SHA384256
ECDHE-RSA-AES256-SHA384256
AES128-GCM-SHA256128
AES128-SHA256128
ECDHE-RSA-AES128-SHA256128
EXP-ADH-RC4-MD5
EXP-ADH-DES-CBC-SHA
EDH-RSA-DES-CBC3-SHA
EXP-DES-CBC-SHA
EXP-EDH-DSS-DES-CBC-SHA
IDEA-CBC-SHA
EXP-RC4-MD5
EXP-RC2-CBC-MD5
EXP-EDH-RSA-DES-CBC-SHA
EDH-RSA-DES-CBC-SHA
EDH-DSS-DES-CBC-SHA
ECDHE-ECDSA-AES256-SHA
NULL-MD5
ECDHE-ECDSA-AES256-SHA384
ECDHE-ECDSA-DES-CBC3-SHA
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-NULL-SHA
ECDHE-RSA-NULL-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-ECDSA-RC4-SHA
EDH-DSS-DES-CBC3-SHA
SRP-3DES-EDE-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
SRP-RSA-3DES-EDE-CBC-SHA
SRP-DSS-AES-256-CBC-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
DES-CBC-MD5
RC2-CBC-MD5
IDEA-CBC-MD5
DES-CBC3-MD5
SRP-DSS-3DES-EDE-CBC-SHA
SRP-AES-256-CBC-SHA
PSK-AES256-CBC-SHA
PSK-AES128-CBC-SHA
PSK-3DES-EDE-CBC-SHA
NULL-SHA256
PSK-RC4-SHA
RC4-MD5
SRP-AES-128-CBC-SHA
ECDHE-ECDSA-AES128-SHA256
SEED-SHA
NULL-SHA
ECDHE-ECDSA-AES128-SHA
DES-CBC-SHA
DES-CBC3-SHA
CAMELLIA256-SHA
CAMELLIA128-SHA
AECDH-NULL-SHA
AECDH-RC4-SHA
DHE-DSS-AES128-GCM-SHA256
DHE-DSS-AES128-SHA
DHE-DSS-AES256-SHA256
DHE-DSS-CAMELLIA128-SHA
DHE-DSS-AES256-SHA
DHE-DSS-AES256-GCM-SHA384
DHE-DSS-AES128-SHA256
AECDH-DES-CBC3-SHA
AECDH-AES256-SHA
ADH-AES256-SHA
ADH-AES256-SHA256
ADH-AES256-GCM-SHA384
ADH-AES128-SHA256
ADH-AES128-SHA
ADH-CAMELLIA128-SHA
ADH-CAMELLIA256-SHA
ADH-SEED-SHA
AECDH-AES128-SHA
ADH-RC4-MD5
ADH-DES-CBC3-SHA
ADH-DES-CBC-SHA
DHE-DSS-CAMELLIA256-SHA
DHE-DSS-SEED-SHA
ECDH-RSA-AES128-SHA
ECDH-RSA-AES128-SHA256
ECDH-RSA-AES128-GCM-SHA256
ECDH-ECDSA-RC4-SHA
ECDH-ECDSA-DES-CBC3-SHA
ECDH-ECDSA-NULL-SHA
ECDH-RSA-AES256-GCM-SHA384
ECDH-RSA-AES256-SHA
ECDH-RSA-RC4-SHA
ECDHE-ECDSA-AES128-GCM-SHA256
ECDH-RSA-NULL-SHA
ECDH-RSA-DES-CBC3-SHA
ECDH-RSA-AES256-SHA384
ECDH-ECDSA-AES256-SHA384
ECDH-ECDSA-AES256-SHA
DHE-RSA-AES256-SHA
DHE-RSA-AES256-SHA256
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-SHA256
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-CAMELLIA128-SHA
DHE-RSA-CAMELLIA256-SHA
ECDH-ECDSA-AES128-SHA256
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-ECDSA-AES128-SHA
ECDH-ECDSA-AES128-GCM-SHA256
DHE-RSA-SEED-SHA
ADH-AES128-GCM-SHA256
Server did not send back an OCSP response
OCSP
Server did not send back an OCSP response
https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html
certificate has expired
Apple - OS X 10.9.2
Session Renegotiation Can Be Client Initiated
fanboom.net (107.22.169.254:443)
certificate has expired
Java 6 - Update 65
certificate has expired
Microsoft - 04/2014
certificate has expired
Mozilla NSS - 01/2014