Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://acao.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=acao.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=acao.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=acao.jp
And you can
check your domain name
.
#
Certificate of
acao.jp
{ "serial": "2E04F4DBB1C1EF7310952038F52D50FE", "OCSP_serial": null, "OCSP_cert_status": null, "OCSP_this_update": null, "OCSP_next_update": null, "domainName": "acao.jp", "port": 443, "subjectAltName": "DNS:acao.jp", "is_valid": true, "CA": "Google Trust Services", "updated_at": "2025/03/31 23:56:12", "expires_at": "2025/06/30 00:50:24", "today": "2025/05/09 16:21:29", "UTC": { "updated_at": "2025-03-31T14:56:12Z", "expires_at": "2025-06-29T15:50:24Z", "today": "2025-05-09T07:21:29Z" }, "remaining_days": 51 }
#
OCSP response of
acao.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = acao.jp i:C = US, O = Google Trust Services, CN = WR3 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Mar 31 14:56:12 2025 GMT; NotAfter: Jun 29 15:50:24 2025 GMT 1 s:C = US, O = Google Trust Services, CN = WR3 i:C = US, O = Google Trust Services LLC, CN = GTS Root R1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Dec 13 09:00:00 2023 GMT; NotAfter: Feb 20 14:00:00 2029 GMT 2 s:C = US, O = Google Trust Services LLC, CN = GTS Root R1 i:C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256 v:NotBefore: Jun 19 00:00:42 2020 GMT; NotAfter: Jan 28 00:00:42 2028 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgIQLgT027HB73MQlSA49S1Q/jANBgkqhkiG9w0BAQsFADA7 MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMQww CgYDVQQDEwNXUjMwHhcNMjUwMzMxMTQ1NjEyWhcNMjUwNjI5MTU1MDI0WjASMRAw DgYDVQQDEwdhY2FvLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA qxQFvGahUiDOaAeoSuDU7gREy+9EFP2SMYR7/b7AOMi7wG/hdETwq25X75sm8fbp 9NBwVdlDD7zn21QeiRoB3IsyeuRYSiRMFxkMu4FqEOO0Mxf4KnBOXifpNv4K9sSd JbgfxfQOUrjtz7skQyoAC2TdRezdczRbYA4LO7I94dSIj8YyIPf0t7trFKwez5Eo WeboXsx7kaN/GR7AJ+5S7WKIUYc5tmJ6YNXPVvd7Uo1wiK0Etd0eUVjVHU0DXZnc tuiTLpZsh1CecMwR4azIjGzWRI0ECTJ/W6+W6vNCNMJ/IZwazIXSRNR8WmwB+Hd7 brFUdXbr2LBADTxbR8CeRwIDAQABo4ICPjCCAjowDgYDVR0PAQH/BAQDAgWgMBMG A1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEVG7YHn kd1jax0Ljsb0/qbwzdwcMB8GA1UdIwQYMBaAFMeB9f2OiNkAPE1jolAxJKDOI/4j MF4GCCsGAQUFBwEBBFIwUDAnBggrBgEFBQcwAYYbaHR0cDovL28ucGtpLmdvb2cv cy93cjMvTGdRMCUGCCsGAQUFBzAChhlodHRwOi8vaS5wa2kuZ29vZy93cjMuY3J0 MBIGA1UdEQQLMAmCB2FjYW8uanAwEwYDVR0gBAwwCjAIBgZngQwBAgEwNgYDVR0f BC8wLTAroCmgJ4YlaHR0cDovL2MucGtpLmdvb2cvd3IzL3FHU2ZqeUVRekI4LmNy bDCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AM8RVu7VLnyv84db2Wkum+kacWdK sBfsrAHSW3fOzDsIAAABlezq6NEAAAQDAEYwRAIgcu+yoWbyGtNeSxKk5UBfOafq eUNxTa4zlKBm/sj/hxcCIAZsCIRH6k2kR0n0ghO3Rj3Koiqyl8Uu1kVOH/Xb/tl+ AHUAE0rfGrWYQgl4DG/vTHqRpBa3I0nOWFdq367ap8Kr4CIAAAGV7OrqIgAABAMA RjBEAiA6OMyPJgXEul1ZP9lrf42QaFc8sOIogpY72nxqfj59nAIgPt6FI5mV9Pm8 mVPifgpj1q+64IoPu7bdVmNn7vkQGaYwDQYJKoZIhvcNAQELBQADggEBAB4pg4gB F3xf7pR2u/UTGqIUKBsmHJI4/FTtb6aI9sOim88IvNIjn2gxYFeP4Hn2LhpDcyA3 PETSLrhOPmvM22tRYV3y36ZuXjaTxBJ/zWVCK7EmYxlr6blKbFnJsLhx96zd15c9 RD7BwtZdh9WAaWYqE7j1C9i2zddaOzVvSxhgA/Z1hYjgAT+AEy8HyjKUQOI1qGH2 GRgUBm0PKhaCrx9MhopcAHq8vNrpSGGA/fnlHQB9SfLRLXKs89YyQUjS29I/gbhe LTZ1pM7rMrlR+axCX/fhAIkERzsTBMEOF6sgJk/tLWNoi3Xzd6CUTTTF5/1cXGSW Z3VXP9luSzBnCZU= -----END CERTIFICATE----- subject=CN = acao.jp issuer=C = US, O = Google Trust Services, CN = WR3 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 4488 bytes and written 398 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---
#
OCSP response of
acao.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.