Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://ticket.ctime.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=ticket.ctime.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=ticket.ctime.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=ticket.ctime.jp
And you can
check your domain name
.
#
Certificate of
ticket.ctime.jp
{ "serial": "0F1918B5AA6617495283836540848B4B", "OCSP_serial": null, "OCSP_cert_status": null, "OCSP_this_update": null, "OCSP_next_update": null, "domainName": "ticket.ctime.jp", "port": 443, "subjectAltName": "DNS:ticket.ctime.jp", "is_valid": true, "CA": "Amazon", "updated_at": "2023/09/16 09:00:00", "expires_at": "2024/10/15 08:59:59", "today": "2024/04/28 15:06:55", "UTC": { "updated_at": "2023-09-16T00:00:00Z", "expires_at": "2024-10-14T23:59:59Z", "today": "2024-04-28T06:06:55Z" }, "remaining_days": 169 }
#
OCSP response of
ticket.ctime.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = ticket.ctime.jp i:C = US, O = Amazon, CN = Amazon RSA 2048 M01 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Sep 16 00:00:00 2023 GMT; NotAfter: Oct 14 23:59:59 2024 GMT 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M01 i:C = US, O = Amazon, CN = Amazon Root CA 1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 23 22:21:28 2022 GMT; NotAfter: Aug 23 22:21:28 2030 GMT 2 s:C = US, O = Amazon, CN = Amazon Root CA 1 i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: May 25 12:00:00 2015 GMT; NotAfter: Dec 31 01:00:00 2037 GMT 3 s:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 i:C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Sep 2 00:00:00 2009 GMT; NotAfter: Jun 28 17:39:16 2034 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIQDxkYtapmF0lSg4NlQISLSzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMDkxNjAwMDAwMFoXDTI0MTAxNDIzNTk1OVowGjEY MBYGA1UEAxMPdGlja2V0LmN0aW1lLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAjs3Pb5mYPZXSZMQE04Wagele2KVJrODqmKyjlW6J8fjmzok4dmpO KkCqh64bJVe6KFajqdEckzDj/SmhcvrNn+zLtCPwDvT+rv+W7kcLUTTW3pSViTPu BTteFn2a9IffEAdFytpIkTELsfEvQQT2AM5ptohWVehFGcXN6rVysqD5V0qnA2zl U6T7kppt48t5xEbC5vM8j7N5h7g4wSA/zfe3J8xt9hR4+KqkqdmaRFtJrXwVazxI wlH307mBpbfHqkGkKX9wreMvjUm224rS/h+6mSOytQwzWaF5i58vcj8nUd2/SZc9 yEF1fHHOjm6Cs7VhzQefa4liBtROmpCvbQIDAQABo4IC6DCCAuQwHwYDVR0jBBgw FoAUgbgOY4qJEhjl+js7UJWf5uWQE4UwHQYDVR0OBBYEFDb/N0eyLDPN5d/CY2oE QYMJ9wz4MBoGA1UdEQQTMBGCD3RpY2tldC5jdGltZS5qcDATBgNVHSAEDDAKMAgG BmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDEuYW1hem9u dHJ1c3QuY29tL3IybTAxLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG IWh0dHA6Ly9vY3NwLnIybTAxLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq aHR0cDovL2NydC5yMm0wMS5hbWF6b250cnVzdC5jb20vcjJtMDEuY2VyMAwGA1Ud EwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB3AO7N0GTV2xrOxVy3 nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiptf7bYAAAQDAEgwRgIhAKguyOeS7ITv bLlufbSGn7UneUHIkCHZXYWO+NlbC3ZsAiEA6NQSmQoBHj2YTiUeDiAVg15KlVEV 4z6mWEW/Z70uPVkAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAA AYqbX+3PAAAEAwBHMEUCID9FjSwjw2KURouW7VV1L8HCRbw0/xhosK+q9iPDC60i AiEAk6Z4hhiQBuFqnWLFzFT7rTEExvLKbfuipjZKoi/P8a8AdQDatr9rP7W2Ip+b wrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYqbX+2lAAAEAwBGMEQCIHEFiK/lvbWK fMSJTPQKj3j6qmG48vL9IS18dHLsiXWuAiBini8I//AmeR631pKfG1lFr7m5Rr4/ yvQ3TxDNYmRFdDANBgkqhkiG9w0BAQsFAAOCAQEAEY0f5+N039s8XZcxrDugyu2b WXplM+vBHYdNEJvoLUFDo2sHmz/O/+eXLb3P8p7ZUduAY8BC9zX/8+QCmuuSDL+E qyyufw+eI7vajcmERZfDXPe2gD8/8IzhDGwuvIUFHHhzNLBVCcc+c8kOZ0JgB1fH qvF01QbYBmBZIpjsWXr2RPWUIDTAh68A7WWvmhEvMpI9PbDy0W4CW0ygnYhtqcNn wpR7yWiciA2xeHqXUMZRmNkminrLbANwCBBGiVPYVeJ8+AZvBQCr/y1ifVAOvNE7 IllaOz2tOQfPrhW0pcw1Zaas9W2JXMLaFJC7E9CZlDQzMntYnC+WdPfKXWvYEg== -----END CERTIFICATE----- subject=CN = ticket.ctime.jp issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M01 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA Server Temp Key: ECDH, prime256v1, 256 bits --- SSL handshake has read 5573 bytes and written 452 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 0EA15AF3CF8E4812B14B96210E600E4C1F29798B9C3106F31B60F25E82706854 Session-ID-ctx: Master-Key: 144FE0B41DAE097FDC3D3B30EE07C66EA23190C989D5B17BA36A24F32231889522A48A8D94C863C3D6069F2EAF8A64FA PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 86400 (seconds) TLS session ticket: 0000 - 10 c5 76 51 61 72 55 7a-da 74 25 11 e3 69 7b 4c ..vQarUz.t%..i{L 0010 - 33 03 7c 49 f3 da 0c a1-5b 66 92 68 18 71 c7 a0 3.|I....[f.h.q.. 0020 - 52 0c f6 a2 5c 39 c9 de-b7 7e ae d0 12 d9 2f 5f R...\9...~..../_ 0030 - 22 c5 c8 e3 cc d7 cf b6-e3 ec 25 4c ad 88 b9 be ".........%L.... 0040 - e7 fb 14 1d 84 14 9f 1a-c1 89 52 ae 87 06 68 f4 ..........R...h. 0050 - af 51 21 1a 55 58 fe 9e-e9 78 69 21 8f 64 51 4e .Q!.UX...xi!.dQN 0060 - c7 63 0b 1c 28 ff d0 9f-17 .c..(.... Start Time: 1714284415 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes ---
#
OCSP response of
ticket.ctime.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.