Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://hatsukano.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=hatsukano.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=hatsukano.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=hatsukano.jp
And you can
check your domain name
.
#
Certificate of
hatsukano.jp
{ "serial": "0EAA3D2DD95087561167B4D2682FD54B", "OCSP_serial": "0EAA3D2DD95087561167B4D2682FD54B", "OCSP_cert_status": "good", "OCSP_this_update": "Nov 17 05:01:36 2024 GMT", "OCSP_next_update": "Nov 24 04:01:35 2024 GMT", "domainName": "hatsukano.jp", "port": 443, "subjectAltName": "DNS:hatsukano.jp, DNS:*.hatsukano.jp", "is_valid": true, "CA": "Google Trust Services", "updated_at": "2024/11/12 12:42:22", "expires_at": "2025/02/10 12:42:21", "today": "2024/11/21 15:38:12", "UTC": { "updated_at": "2024-11-12T03:42:22Z", "expires_at": "2025-02-10T03:42:21Z", "today": "2024-11-21T06:38:12Z" }, "remaining_days": 80 }
#
OCSP response of
hatsukano.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: 9077923567C4FFA8CCA9E67BD980797BCC93F938 Produced At: Nov 17 05:01:36 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: B9BED5F1A61E40B24196B0C29E7E1A9D8BFCB520 Issuer Key Hash: 9077923567C4FFA8CCA9E67BD980797BCC93F938 Serial Number: 0EAA3D2DD95087561167B4D2682FD54B Cert Status: good This Update: Nov 17 05:01:36 2024 GMT Next Update: Nov 24 04:01:35 2024 GMT Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:44:02:20:0f:34:49:b9:cb:01:6d:81:86:be:d6:12:4f:09: 66:42:04:11:84:21:1a:fa:63:80:2c:d8:f6:04:bc:6d:b5:d3: 02:20:52:a0:0e:47:48:43:7f:a1:53:6e:ca:cc:b0:de:ed:41: be:05:41:c0:a6:13:d9:a8:48:50:d4:f9:2b:ed:7a:f1 ====================================== --- Certificate chain 0 s:CN = hatsukano.jp i:C = US, O = Google Trust Services, CN = WE1 a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA256 v:NotBefore: Nov 12 03:42:22 2024 GMT; NotAfter: Feb 10 03:42:21 2025 GMT 1 s:C = US, O = Google Trust Services, CN = WE1 i:C = US, O = Google Trust Services LLC, CN = GTS Root R4 a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA384 v:NotBefore: Dec 13 09:00:00 2023 GMT; NotAfter: Feb 20 14:00:00 2029 GMT 2 s:C = US, O = Google Trust Services LLC, CN = GTS Root R4 i:C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA a:PKEY: id-ecPublicKey, 384 (bit); sigalg: RSA-SHA256 v:NotBefore: Nov 15 03:43:21 2023 GMT; NotAfter: Jan 28 00:00:42 2028 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIDpTCCA0ygAwIBAgIQDqo9LdlQh1YRZ7TSaC/VSzAKBggqhkjOPQQDAjA7MQsw CQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMQwwCgYD VQQDEwNXRTEwHhcNMjQxMTEyMDM0MjIyWhcNMjUwMjEwMDM0MjIxWjAXMRUwEwYD VQQDEwxoYXRzdWthbm8uanAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARWPEfG EaV6kIcmZh6NLHVQ4mGogfBn3W0j241nmlngZAMoJay6Kv93cGaL2MkSBWGTPJg5 bB/nhxMxvcQcOoK6o4ICVDCCAlAwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoG CCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFN3pc28sQO/PU+sc9CCu 3GO/RsgQMB8GA1UdIwQYMBaAFJB3kjVnxP+ozKnme9mAeXvMk/k4MF4GCCsGAQUF BwEBBFIwUDAnBggrBgEFBQcwAYYbaHR0cDovL28ucGtpLmdvb2cvcy93ZTEvRHFv MCUGCCsGAQUFBzAChhlodHRwOi8vaS5wa2kuZ29vZy93ZTEuY3J0MCcGA1UdEQQg MB6CDGhhdHN1a2Fuby5qcIIOKi5oYXRzdWthbm8uanAwEwYDVR0gBAwwCjAIBgZn gQwBAgEwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2MucGtpLmdvb2cvd2UxL19N WVJaVUJ0eFpJLmNybDCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AM8RVu7VLnyv 84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABkx6uC6AAAAQDAEcwRQIhAMDQkb36 7bbgp+ihXgXI2onFAMg9LskajIlqKROWGSEaAiADG1SW5YQYY9GJAtNZsd6y3222 lzjLHJWtQ+klNfJ2dwB1AKLjCuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfn AAABkx6uC4AAAAQDAEYwRAIgDcSyV9/2KLfoLZz+c4gx25E4s9I0dxF1KRNHVqsM WF0CIDabQHtV2HgytRsQXeyacA8nWURftxBqxha2s8CNkmr1MAoGCCqGSM49BAMC A0cAMEQCIGISPuyrwvtyIhhSbsYUvbkEmubT+dwDR6niMWqJuFAYAiB3R+lZNYe6 gSc7BbSr1o+BS6yvI/ct79p1E1nAqoTfkA== -----END CERTIFICATE----- subject=CN = hatsukano.jp issuer=C = US, O = Google Trust Services, CN = WE1 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 3110 bytes and written 403 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 256 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---
#
OCSP response of
hatsukano.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.