Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://vaultwarden.kushibuchi.jp
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=vaultwarden.kushibuchi.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=vaultwarden.kushibuchi.jp
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=vaultwarden.kushibuchi.jp
And you can
check your domain name
.
#
Certificate of
vaultwarden.kushibuchi.jp
{ "serial": "E98765C7FC2288E0094E5AB49FEEC320", "OCSP_serial": "E98765C7FC2288E0094E5AB49FEEC320", "OCSP_cert_status": "good", "OCSP_this_update": "Nov 20 16:28:45 2024 GMT", "OCSP_next_update": "Nov 27 16:28:44 2024 GMT", "domainName": "vaultwarden.kushibuchi.jp", "port": 443, "subjectAltName": "DNS:vaultwarden.kushibuchi.jp", "is_valid": true, "CA": "ZeroSSL", "updated_at": "2024/11/14 09:00:00", "expires_at": "2025/02/13 08:59:59", "today": "2024/11/21 16:08:22", "UTC": { "updated_at": "2024-11-14T00:00:00Z", "expires_at": "2025-02-12T23:59:59Z", "today": "2024-11-21T07:08:22Z" }, "remaining_days": 83 }
#
OCSP response of
vaultwarden.kushibuchi.jp
from OCSP Stapling
CONNECTED(00000003) OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: 0F6BE64BCE3947AEF67E901E79F0309192C85FA3 Produced At: Nov 20 16:28:45 2024 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 331FFE3FFD0B8416284F948D56C07E0392D8F64D Issuer Key Hash: 0F6BE64BCE3947AEF67E901E79F0309192C85FA3 Serial Number: E98765C7FC2288E0094E5AB49FEEC320 Cert Status: good This Update: Nov 20 16:28:45 2024 GMT Next Update: Nov 27 16:28:44 2024 GMT Signature Algorithm: ecdsa-with-SHA384 Signature Value: 30:65:02:31:00:84:0a:11:f8:c8:a0:cb:a0:c2:9c:77:c7:9a: 68:b2:ef:d9:86:36:61:b2:32:cb:32:a7:35:42:35:f5:74:45: 15:bd:9f:7c:2c:e6:01:b5:b3:65:46:98:a5:45:29:34:8c:02: 30:40:a0:8b:82:d0:c8:aa:ef:22:00:07:9c:d1:de:45:0e:ca: 7b:c6:9a:d4:f9:fc:46:13:9c:dc:24:6b:c9:e6:63:83:80:15: 76:d9:32:94:51:88:10:49:26:69:10:e5:70 ====================================== --- Certificate chain 0 s:CN = vaultwarden.kushibuchi.jp i:C = AT, O = ZeroSSL, CN = ZeroSSL ECC Domain Secure Site CA a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA384 v:NotBefore: Nov 14 00:00:00 2024 GMT; NotAfter: Feb 12 23:59:59 2025 GMT 1 s:C = AT, O = ZeroSSL, CN = ZeroSSL ECC Domain Secure Site CA i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust ECC Certification Authority a:PKEY: id-ecPublicKey, 384 (bit); sigalg: ecdsa-with-SHA384 v:NotBefore: Jan 30 00:00:00 2020 GMT; NotAfter: Jan 29 23:59:59 2030 GMT 2 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust ECC Certification Authority i:C = GB, ST = Greater Manchester, L = Salford, O = Comodo CA Limited, CN = AAA Certificate Services a:PKEY: id-ecPublicKey, 384 (bit); sigalg: RSA-SHA384 v:NotBefore: Mar 12 00:00:00 2019 GMT; NotAfter: Dec 31 23:59:59 2028 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIEFTCCA5ygAwIBAgIRAOmHZcf8IojgCU5atJ/uwyAwCgYIKoZIzj0EAwMwSzEL MAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9TU0wg RUNDIERvbWFpbiBTZWN1cmUgU2l0ZSBDQTAeFw0yNDExMTQwMDAwMDBaFw0yNTAy MTIyMzU5NTlaMCQxIjAgBgNVBAMTGXZhdWx0d2FyZGVuLmt1c2hpYnVjaGkuanAw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARQ/zhhZkD4JJ1NRhTxxS2EykrgUFYL x2jE85XMwQRN5U5sRZSyccGEBUkxX2NxZbcOOYBsHX1zI3rMsrsslME5o4IChjCC AoIwHwYDVR0jBBgwFoAUD2vmS845R672fpAeefAwkZLIX6MwHQYDVR0OBBYEFJ2h lmscwCP5TTi6TZR95RNHyD08MA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAA MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysG AQQBsjEBAgJOMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BT MAgGBmeBDAECATCBiAYIKwYBBQUHAQEEfDB6MEsGCCsGAQUFBzAChj9odHRwOi8v emVyb3NzbC5jcnQuc2VjdGlnby5jb20vWmVyb1NTTEVDQ0RvbWFpblNlY3VyZVNp dGVDQS5jcnQwKwYIKwYBBQUHMAGGH2h0dHA6Ly96ZXJvc3NsLm9jc3Auc2VjdGln by5jb20wggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgDPEVbu1S58r/OHW9lpLpvp GnFnSrAX7KwB0lt3zsw7CAAAAZMn/Pm0AAAEAwBHMEUCIE5BoRWqGpu/w08eE9G5 OShkalwv2RuRr/fmnyrudNnvAiEAuwAzSS/JTyu/3F+WZn136979ChtzjfKmYcD+ A48L+AAAdwDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAZMn/PmO AAAEAwBIMEYCIQCjbim6tlScjl8dnbuTe3KQcS5x3mf8nOH8f3igXG+BoAIhAPUy 2loVt2s40pCcX2Ut/MdpBnhPWwipnAA1qFAdAiJUMCQGA1UdEQQdMBuCGXZhdWx0 d2FyZGVuLmt1c2hpYnVjaGkuanAwCgYIKoZIzj0EAwMDZwAwZAIwL0p1iMUyP7VK fxcWqXT/Wa9NBSnkfGsa9vRqSky0RHECk/PmDAP79cJZzrtnm1vIAjAAm3b+z560 Rwc9WDKB+ycZpwavJBym0lm0Dh5DZ6x6INBlTfcwEdLzX2qO34dUqDc= -----END CERTIFICATE----- subject=CN = vaultwarden.kushibuchi.jp issuer=C = AT, O = ZeroSSL, CN = ZeroSSL ECC Domain Secure Site CA --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 3626 bytes and written 400 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256 Server public key is 256 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_128_GCM_SHA256 Session-ID: 4DDE4299C4B1ED49338D72FD98837B89E40CF6CB89D0F3EEC56FF10A88DBAC9B Session-ID-ctx: Resumption PSK: EE32100892ED1523C6545A3E5F9184DFF14A470C6A7874625D89539CD0AB4AB9 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 604800 (seconds) TLS session ticket: 0000 - 78 a1 b3 aa b5 4f af c1-6c 59 70 fe ee d4 e2 a4 x....O..lYp..... 0010 - 7f 7e 5d 6b fa 7c b5 ee-99 42 22 3d b7 4c e3 b5 .~]k.|...B"=.L.. 0020 - 3e 36 37 46 ce 1e d7 ef-28 f4 60 a3 85 4e 32 15 >67F....(.`..N2. 0030 - 85 ca 74 43 74 74 51 20-5f 61 43 ab dc 1a 6f 0d ..tCttQ _aC...o. 0040 - 33 49 6f ef 9a 17 a5 ea-b5 0e e0 b4 50 8f 05 14 3Io.........P... 0050 - 5a 2e 5f a6 08 bb 79 e4-0e c0 5b 09 df 72 8c ca Z._...y...[..r.. 0060 - e1 18 b1 5c af 46 b1 b2-3b ...\.F..; Start Time: 1732172903 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK
#
OCSP response of
vaultwarden.kushibuchi.jp
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.