Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://hcdr.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=hcdr.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=hcdr.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=hcdr.jp
And you can
check your domain name
.
#
Certificate of
hcdr.jp
{ "serial": "115D5EF55B1C02B511E69FE739F3416F", "OCSP_serial": "115D5EF55B1C02B511E69FE739F3416F", "OCSP_cert_status": "good", "OCSP_this_update": "Apr 27 21:18:34 2024 GMT", "OCSP_next_update": "May 4 20:18:33 2024 GMT", "domainName": "hcdr.jp", "port": 443, "subjectAltName": "DNS:hcdr.jp, DNS:*.hcdr.jp", "is_valid": true, "CA": "Google Trust Services LLC", "updated_at": "2024/03/13 22:01:18", "expires_at": "2024/06/11 22:01:17", "today": "2024/04/28 18:52:16", "UTC": { "updated_at": "2024-03-13T13:01:18Z", "expires_at": "2024-06-11T13:01:17Z", "today": "2024-04-28T09:52:16Z" }, "remaining_days": 44 }
#
OCSP response of
hcdr.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: D5FC9E0DDF1ECADD0897976E2BC55FC52BF5ECB8 Produced At: Apr 27 21:18:34 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: EC4A2797F8915935139678B3E8C8A21D097B312E Issuer Key Hash: D5FC9E0DDF1ECADD0897976E2BC55FC52BF5ECB8 Serial Number: 115D5EF55B1C02B511E69FE739F3416F Cert Status: good This Update: Apr 27 21:18:34 2024 GMT Next Update: May 4 20:18:33 2024 GMT Signature Algorithm: sha256WithRSAEncryption Signature Value: 1b:4e:97:dd:b8:2d:e7:47:83:86:5c:45:8a:50:2b:fe:4b:56: 22:ae:2c:7d:81:a1:b7:53:17:ef:43:e0:6a:c7:a5:de:d7:20: e1:b6:d2:d6:d8:6b:93:e2:ed:aa:db:2f:61:fd:fe:8b:18:2c: 7f:25:f4:89:62:ed:15:fd:d8:f3:2d:1f:ba:2d:7f:65:5a:00: b8:98:17:80:51:a5:1a:dc:37:6b:54:61:f6:bb:29:df:a0:21: 72:b7:b5:a3:47:e0:84:71:5c:36:8f:21:cf:fa:85:68:73:58: bc:74:b1:e9:bf:c5:60:3f:02:e0:54:c7:f7:60:05:1d:05:70: a3:97:32:86:41:20:83:19:b9:c4:9e:9b:03:54:7c:97:67:af: 4b:71:e0:31:1a:fe:89:41:12:40:19:33:de:c2:6e:2f:8d:04: f2:7c:e1:c5:6e:6b:70:72:20:99:3c:11:52:51:59:f5:75:ad: 73:e8:d4:35:78:cd:dc:1f:01:c0:6e:7b:19:a5:c1:72:41:1f: 77:5b:13:2d:6b:88:9f:8c:c6:03:c2:70:5a:19:49:a5:9c:55: 4c:7d:d8:36:bc:d8:24:03:cf:b0:16:ef:2b:a4:53:99:50:79: 9b:37:37:38:72:48:9f:1c:64:18:3b:ee:9f:aa:ca:e0:9f:08: e5:c2:98:15 ====================================== --- Certificate chain 0 s:CN = hcdr.jp i:C = US, O = Google Trust Services LLC, CN = GTS CA 1P5 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Mar 13 13:01:18 2024 GMT; NotAfter: Jun 11 13:01:17 2024 GMT 1 s:C = US, O = Google Trust Services LLC, CN = GTS CA 1P5 i:C = US, O = Google Trust Services LLC, CN = GTS Root R1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 13 00:00:42 2020 GMT; NotAfter: Sep 30 00:00:42 2027 GMT 2 s:C = US, O = Google Trust Services LLC, CN = GTS Root R1 i:C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256 v:NotBefore: Jun 19 00:00:42 2020 GMT; NotAfter: Jan 28 00:00:42 2028 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIQEV1e9VscArUR5p/nOfNBbzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM QzETMBEGA1UEAxMKR1RTIENBIDFQNTAeFw0yNDAzMTMxMzAxMThaFw0yNDA2MTEx MzAxMTdaMBIxEDAOBgNVBAMTB2hjZHIuanAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCk0OE3YNZrbGDNSPxz3w6nHEHgEu74PRLUpZHYJ/TcQtyU7AOg dlUGbmN5Dlq29E7QJg4HukgwsRjUMIejwjrgcuAGrXpPo5N7g2KBdPn3ApJn8nPM zccRnQPB/WtYyEV/3+vyWH70pBsRVETKRWu/colV5MMNOaHeOwUPU2G3q0bl1VrK 4FWCCz6Yf0oKaFHyengKSMlyprq3vGieXCW9afcG8oO7vwy5JuA3BRLR6ebjHhB1 C2yAzrU4KFxeTqN1wITFLugXq11lmWmRBQBWkrGxr165bmwsRDyd9kju+Z6xBtGE ROv2Wz6iSsUUrlNM2eTRCJ/8DKDHALjNOWVBAgMBAAGjggJ5MIICdTAOBgNVHQ8B Af8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQU5Sy1msk4Xk2QI0bXDvvRfpugd3wwHwYDVR0jBBgwFoAU1fyeDd8eyt0I l5duK8VfxSv17LgweAYIKwYBBQUHAQEEbDBqMDUGCCsGAQUFBzABhilodHRwOi8v b2NzcC5wa2kuZ29vZy9zL2d0czFwNS9obWoyNW45UTNKQTAxBggrBgEFBQcwAoYl aHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzMXA1LmRlcjAdBgNVHREEFjAU ggdoY2RyLmpwggkqLmhjZHIuanAwIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYB BAHWeQIFAzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9n dHMxcDUva0RFNjFpY1B5OXcuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA 7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGOOB4VGwAABAMARzBF AiEAxgFzcR66b+dIyzpda/nFMa2p9QrLU/SO91vKtemLA8QCIFFg9b/YVqHK8hFG uIgJuj49lV2AsGlqu7r2Wc8qWPr3AHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0 vaQ9MEjX+6sAAAGOOB4VUAAABAMARzBFAiBmhQqsHU2tsx9BdVEL8s+MfaxAJAjn gtW/qQnrDP7OQAIhAOn0x1d4kpeSTXxFswGyzN2u8b7kBIIcJ7BxupT9qZyeMA0G CSqGSIb3DQEBCwUAA4IBAQBgZssUZQArRWl9VaFx5J2FQMIOLYg+ME9kaf48K/n0 tCLzuAC7KI8qvASOH8fCyoE/dhtaV+18wqPFxZSZL3rdv9cJLPGQOBsLQAZNdYVA vSF2kha0Zo0cE34KOMbVf4VqRHkoe/sUMtc6zcvufc9E93vrqU/pQFsf9WJIhQKF uE32GAqcXCujUErNx6DO2G2t1rWb/+/hiiETulHDfEx0cebJ525eOoPXtB+qS14T Ikpr3eoVf7q18ye0ytcI5Yef/9tQxeO5SQWaGWR7uuBXvkke9KF/YiiaP380fpnJ Ics0+ZW+obvhC1F4OW4fLiLNxpYujXdUbbyscPMgh0Bo -----END CERTIFICATE----- subject=CN = hcdr.jp issuer=C = US, O = Google Trust Services LLC, CN = GTS CA 1P5 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 5166 bytes and written 398 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---
#
OCSP response of
hcdr.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.