updated: Friday, 08 November 2019, 11:20:37


Validity

Valid fromSunday, 28 February 2016, 09:24:21
Valid untilMonday, 27 February 2017, 09:24:21
Trust Store 'Microsoft - 04/2014'self signed certificate
Trust Store 'Mozilla NSS - 01/2014'self signed certificate
Trust Store 'Apple - OS X 10.9.2'self signed certificate
Trust Store 'Java 6 - Update 65'self signed certificate
OCSPServer did not send back an OCSP response

Vulnerability

Heartbleed (CVE-2014-0160)yes
Session Resumption With TLS Ticketsno
Session Resumption With Session IDs5 / 5
Session Renegotiation Can Be Client Initiatedno
TLS compressionyes
Renegotiation (CVE 2009-3555)NOT vulnerable (ok)
CRIME, TLS (CVE-2012-4929)is vulnerable (not ok)

Server

SSL Report Fortechconcepts.co.za (66.8.77.86:443)
OCSP staplingno
HSTSno
ServerApache/2.2.3 (CentOS)
Application (None)
Default negotiated protocolTLSv1
Default negotiated cipherDHE-RSA-AES256-SHA
Default server key size1024 bit
TLS server extensionsrenegotiation info
Session Tickets RFC 5077(none)
SPDY/NPNnot offered

Certificate

Common Namelocalhost.localdomain
KeyrsaEncryption, 1024 bit
OrganizationSomeOrganization
State/ProvinceSomeState
Country--
LocalitySomeCity
Issuerlocalhost.localdomain, --
Signature algorithmsha1WithRSAEncryption

Protocols

SSL 2NOT offered (ok)
SSL 3NOT offered (ok)
TLS 1.0offered (ok)
TLS 1.1not offered
TLS 1.2not offered

Standard cipher lists

Null CipherNOT offered (ok)
Anonymous NULL CipherNOT offered (ok)
Anonymous DH CipherNOT offered (ok)
40 Bit encryptionNOT offered (ok)
56 Bit encryptionNOT offered (ok)
DES Cipheroffered (NOT ok)
Triple DES Cipheroffered
Medium grade encryptionoffered
High grade encryptionoffered (ok)
Labels in table: strong strong, default for protocol weak vulnerable

TLS 1.2TLS 1.1TLS 1.0SSL 3SSL 2
DHE-RSA-AES256-SHA256
AES256-SHA256
EDH-RSA-DES-CBC3-SHA168
DES-CBC3-SHA168
AES128-SHA128
RC4-SHA128
DHE-RSA-AES128-SHA128
RC4-MD5128
EDH-RSA-DES-CBC-SHA56
DES-CBC-SHA56
EDH-DSS-DES-CBC-SHA
ECDHE-RSA-RC4-SHA
ECDHE-RSA-NULL-SHA
ECDHE-ECDSA-AES128-SHA256
EDH-DSS-DES-CBC3-SHA
EXP-ADH-DES-CBC-SHA
ECDH-RSA-RC4-SHA
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES128-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-RSA-AES128-SHA
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-RC4-SHA
ECDHE-ECDSA-NULL-SHA
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA
ECDHE-RSA-AES256-SHA
EXP-ADH-RC4-MD5
ECDHE-ECDSA-DES-CBC3-SHA
EXP-RC2-CBC-MD5
SRP-DSS-AES-128-CBC-SHA
SRP-DSS-AES-256-CBC-SHA
SRP-DSS-3DES-EDE-CBC-SHA
SRP-AES-256-CBC-SHA
SRP-AES-128-CBC-SHA
SRP-RSA-3DES-EDE-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
IDEA-CBC-MD5
RC2-CBC-MD5
DES-CBC3-MD5
DES-CBC-MD5
SRP-RSA-AES-256-CBC-SHA
SRP-3DES-EDE-CBC-SHA
SEED-SHA
EXP-RC4-MD5
IDEA-CBC-SHA
ECDH-RSA-NULL-SHA
EXP-EDH-RSA-DES-CBC-SHA
EXP-EDH-DSS-DES-CBC-SHA
NULL-MD5
NULL-SHA
PSK-AES256-CBC-SHA
PSK-RC4-SHA
PSK-AES128-CBC-SHA
PSK-3DES-EDE-CBC-SHA
NULL-SHA256
EXP-DES-CBC-SHA
ECDH-RSA-AES256-GCM-SHA384
AES128-SHA256
AES256-GCM-SHA384
AES128-GCM-SHA256
AECDH-RC4-SHA
AECDH-NULL-SHA
AES256-SHA256
CAMELLIA128-SHA
DHE-DSS-AES128-SHA256
DHE-DSS-AES256-GCM-SHA384
DHE-DSS-AES128-SHA
DHE-DSS-AES128-GCM-SHA256
CAMELLIA256-SHA
AECDH-DES-CBC3-SHA
AECDH-AES256-SHA
ADH-AES256-SHA
ADH-AES256-SHA256
ADH-AES256-GCM-SHA384
ADH-AES128-SHA256
ADH-AES128-SHA
ADH-CAMELLIA128-SHA
ADH-CAMELLIA256-SHA
ADH-SEED-SHA
AECDH-AES128-SHA
ADH-RC4-MD5
ADH-DES-CBC3-SHA
ADH-DES-CBC-SHA
DHE-DSS-AES256-SHA
DHE-DSS-AES256-SHA256
ECDH-ECDSA-DES-CBC3-SHA
ECDH-ECDSA-NULL-SHA
ECDH-ECDSA-AES256-SHA384
ECDH-ECDSA-AES256-SHA
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-ECDSA-RC4-SHA
ECDH-RSA-AES128-GCM-SHA256
ECDH-RSA-AES256-SHA
ECDH-RSA-AES256-SHA384
ADH-AES128-GCM-SHA256
ECDH-RSA-AES128-SHA256
ECDH-RSA-AES128-SHA
ECDH-ECDSA-AES128-SHA256
ECDH-ECDSA-AES128-SHA
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-DSS-SEED-SHA
DHE-DSS-CAMELLIA256-SHA
DHE-DSS-CAMELLIA128-SHA
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256
ECDH-ECDSA-AES128-GCM-SHA256
DHE-RSA-SEED-SHA
DHE-RSA-CAMELLIA256-SHA
DHE-RSA-CAMELLIA128-SHA
ECDH-RSA-DES-CBC3-SHA
Server did not send back an OCSP response
OCSP
Server did not send back an OCSP response
https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html
Weak Cipher Suites
techconcepts.co.za (66.8.77.86:443)
self signed certificate
Apple - OS X 10.9.2
self signed certificate
Java 6 - Update 65
self signed certificate
Microsoft - 04/2014
self signed certificate
Mozilla NSS - 01/2014
Certificate Not Matches Server Hostname
techconcepts.co.za (66.8.77.86:443)
Not valid for 'techconcepts.co.za'
Heartbleed Vulnerable
techconcepts.co.za (66.8.77.86:443)
TLS Compression Available
techconcepts.co.za (66.8.77.86:443)