updated: Thursday, 17 October 2019, 03:45:09


Validity

Valid fromSunday, 06 May 2018, 08:33:12
Valid untilSaturday, 04 August 2018, 08:33:12
Certificate Matches Server Hostnameyes (temphilltop.net)
Trust Store 'Apple - OS X 10.9.2'ok
Trust Store 'Microsoft - 04/2014'ok
Trust Store 'Mozilla NSS - 01/2014'ok (not EV)
Trust Store 'Java 6 - Update 65'ok
OCSPServer did not send back an OCSP response

Vulnerability

Heartbleed (CVE-2014-0160)NOT vulnerable (ok)
Session Resumption With TLS Ticketsno
Session Resumption With Session IDs5 / 5
Session Renegotiation Can Be Client Initiatedno
TLS compressionno
Renegotiation (CVE 2009-3555)NOT vulnerable (ok)
CRIME, TLS (CVE-2012-4929)NOT vulnerable (ok)

Server

SSL Report Fortemphilltop.net (194.187.96.24:443)
OCSP staplingno
HSTSno
Servernginx
Application (None)
Default negotiated protocolTLSv1.2
Default negotiated cipherECDHE-RSA-AES128-GCM-SHA256
Default server key size4096 bit
TLS server extensionsserver name, renegotiation info, EC point formats, heartbeat
Session Tickets RFC 5077(none)
SPDY/NPNhttp/1.1 (advertised)

Certificate

Common Nametemphilltop.net
Alternative namestemphilltop.net
KeyrsaEncryption, 4096 bit
IssuerLet's Encrypt Authority X3, US
Signature algorithmsha256WithRSAEncryption
Revocation OCSPOCSP (http://ocsp.int-x3.letsencrypt.org)

Protocols

SSL 2NOT offered (ok)
SSL 3NOT offered (ok)
TLS 1.0offered (ok)
TLS 1.1offered (ok)
TLS 1.2offered (ok)

Standard cipher lists

Null CipherNOT offered (ok)
Anonymous NULL CipherNOT offered (ok)
Anonymous DH CipherNOT offered (ok)
40 Bit encryptionNOT offered (ok)
56 Bit encryptionNOT offered (ok)
DES CipherNOT offered (ok)
Triple DES Cipheroffered
Medium grade encryptionnot offered
High grade encryptionoffered (ok)
Labels in table: strong strong, default for protocol weak vulnerable

TLS 1.2TLS 1.1TLS 1.0SSL 3SSL 2
ECDHE-RSA-AES128-SHA128128128
ECDHE-RSA-AES128-GCM-SHA256128
ECDHE-RSA-AES256-SHA256256256
DHE-RSA-AES256-SHA256256256
AES256-SHA256256256
ECDHE-RSA-DES-CBC3-SHA168168168
DES-CBC3-SHA168168168
EDH-RSA-DES-CBC3-SHA168168168
DHE-RSA-AES128-SHA128128128
AES128-SHA128128128
DHE-RSA-AES256-GCM-SHA384256
AES256-SHA256256
ECDHE-RSA-AES256-SHA384256
AES256-GCM-SHA384256
DHE-RSA-AES256-SHA256256
ECDHE-RSA-AES256-GCM-SHA384256
AES128-SHA256128
AES128-GCM-SHA256128
DHE-RSA-AES128-GCM-SHA256128
ECDHE-RSA-AES128-SHA256128
DHE-RSA-AES128-SHA256128
EXP-RC2-CBC-MD5
EXP-EDH-RSA-DES-CBC-SHA
EXP-RC4-MD5
IDEA-CBC-SHA
NULL-MD5
PSK-3DES-EDE-CBC-SHA
NULL-SHA256
NULL-SHA
EXP-EDH-DSS-DES-CBC-SHA
EDH-RSA-DES-CBC-SHA
EDH-DSS-DES-CBC3-SHA
PSK-AES128-CBC-SHA
EDH-DSS-DES-CBC-SHA
ECDHE-RSA-NULL-SHA
ECDHE-RSA-RC4-SHA
EXP-ADH-RC4-MD5
EXP-ADH-DES-CBC-SHA
EXP-DES-CBC-SHA
SRP-RSA-3DES-EDE-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
ECDHE-ECDSA-RC4-SHA
SRP-DSS-AES-256-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
DES-CBC-MD5
RC2-CBC-MD5
IDEA-CBC-MD5
DES-CBC3-MD5
SRP-DSS-AES-128-CBC-SHA
SRP-DSS-3DES-EDE-CBC-SHA
RC4-SHA
RC4-MD5
PSK-RC4-SHA
SEED-SHA
SRP-3DES-EDE-CBC-SHA
SRP-AES-256-CBC-SHA
SRP-AES-128-CBC-SHA
PSK-AES256-CBC-SHA
ECDHE-ECDSA-NULL-SHA
DES-CBC-SHA
DHE-DSS-AES128-GCM-SHA256
CAMELLIA256-SHA
CAMELLIA128-SHA
AECDH-NULL-SHA
AECDH-RC4-SHA
DHE-DSS-AES128-SHA
DHE-DSS-AES128-SHA256
DHE-DSS-CAMELLIA128-SHA
DHE-DSS-CAMELLIA256-SHA
DHE-DSS-AES256-SHA256
DHE-DSS-AES256-SHA
DHE-DSS-AES256-GCM-SHA384
AECDH-DES-CBC3-SHA
AECDH-AES256-SHA
ADH-AES256-SHA
ADH-AES256-SHA256
ADH-AES256-GCM-SHA384
ADH-AES128-SHA256
ADH-AES128-SHA
ADH-CAMELLIA128-SHA
ADH-CAMELLIA256-SHA
ADH-SEED-SHA
AECDH-AES128-SHA
ADH-RC4-MD5
ADH-DES-CBC3-SHA
ADH-DES-CBC-SHA
DHE-DSS-SEED-SHA
DHE-RSA-CAMELLIA128-SHA
ECDH-RSA-NULL-SHA
ECDH-RSA-RC4-SHA
ECDH-RSA-DES-CBC3-SHA
ECDH-RSA-AES256-SHA384
ECDH-RSA-AES256-GCM-SHA384
ECDH-RSA-AES256-SHA
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-SHA
ECDHE-ECDSA-AES256-SHA384
ECDHE-ECDSA-DES-CBC3-SHA
ECDHE-ECDSA-AES256-SHA
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES128-SHA256
ECDH-RSA-AES128-SHA256
ECDH-RSA-AES128-SHA
ECDH-ECDSA-AES128-SHA
ECDH-ECDSA-AES128-SHA256
ECDH-ECDSA-AES128-GCM-SHA256
DHE-RSA-SEED-SHA
DHE-RSA-CAMELLIA256-SHA
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-ECDSA-AES256-SHA
ECDH-ECDSA-RC4-SHA
ECDH-RSA-AES128-GCM-SHA256
ECDH-ECDSA-NULL-SHA
ECDH-ECDSA-DES-CBC3-SHA
ECDH-ECDSA-AES256-SHA384
ADH-AES128-GCM-SHA256
Trusted By Apple - OS X 10.9.2
temphilltop.net (194.187.96.24:443)
Trusted By Apple - OS X 10.9.2
Trusted By Java 6 - Update 65
temphilltop.net (194.187.96.24:443)
Trusted By Java 6 - Update 65
Trusted By Microsoft - 04/2014
temphilltop.net (194.187.96.24:443)
Trusted By Microsoft - 04/2014
Trusted By Mozilla NSS - 01/2014
temphilltop.net (194.187.96.24:443)
Trusted By Mozilla NSS - 01/2014
Server did not send back an OCSP response
OCSP
Server did not send back an OCSP response
https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html