Welcome to OCSP Checker.
Author: coeurl (
@debiru_R
)
This is test page for
OCSP Stapling Test
.
Test URL:
https://www.kepura.com
Each APIs:
https://ssl.lavoscore.org/api/sslcert-expires/?q=www.kepura.com
https://ssl.lavoscore.org/api/sslcert-expires/ocsp-stapling/?q=www.kepura.com
https://ssl.lavoscore.org/api/sslcert-expires/ocsp/?q=www.kepura.com
And you can
check your domain name
.
#
Certificate of
www.kepura.com
{ "serial": "08CF781C46DD528CEF290BDA65B45F6D", "OCSP_serial": null, "OCSP_cert_status": null, "OCSP_this_update": null, "OCSP_next_update": null, "domainName": "www.kepura.com", "port": 443, "subjectAltName": "DNS:*.kepura.com, DNS:kepura.com", "is_valid": true, "CA": "Amazon", "updated_at": "2024/04/12 09:00:00", "expires_at": "2025/05/13 08:59:59", "today": "2024/11/21 15:57:42", "UTC": { "updated_at": "2024-04-12T00:00:00Z", "expires_at": "2025-05-12T23:59:59Z", "today": "2024-11-21T06:57:42Z" }, "remaining_days": 172 }
#
OCSP response of
www.kepura.com
from OCSP Stapling
CONNECTED(00000003) OCSP response: no response sent --- Certificate chain 0 s:CN = *.kepura.com i:C = US, O = Amazon, CN = Amazon RSA 2048 M02 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Apr 12 00:00:00 2024 GMT; NotAfter: May 12 23:59:59 2025 GMT 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M02 i:C = US, O = Amazon, CN = Amazon Root CA 1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 23 22:25:30 2022 GMT; NotAfter: Aug 23 22:25:30 2030 GMT 2 s:C = US, O = Amazon, CN = Amazon Root CA 1 i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: May 25 12:00:00 2015 GMT; NotAfter: Dec 31 01:00:00 2037 GMT 3 s:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2 i:C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Sep 2 00:00:00 2009 GMT; NotAfter: Jun 28 17:39:16 2034 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIF0TCCBLmgAwIBAgIQCM94HEbdUozvKQvaZbRfbTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDQxMjAwMDAwMFoXDTI1MDUxMjIzNTk1OVowFzEV MBMGA1UEAwwMKi5rZXB1cmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAteubLNLAVdu/viNru8BwohKGMGETAQLzVsxSuG2mw6wMbolwZhn+uZkW ueNy6xipatu/M1IuH/34AVLr/Tgqbpu3uE5CB4cvcbuQF61FKG5cDet/KG2BIb1N 0xUMgN6htCQjvo5dtCdFXPbcTm5kvkxvwgdoIbijEKVBvXM56uAXwbkiYna7O8RS j3nnfhAKPuMMGRzafwtndeK5In+ZOLcJ1/SGRHjtSPfpWnz0beOy/Mhuif1mZ9eS u4dB7XcroKtBKw2VIOtH3xVOxC/u2cG26s6BexTNIk+mfsFtXLUQRRFlR7/hm72L QJtkuSTL3qGg/UiDXNku95q4TBoneQIDAQABo4IC8jCCAu4wHwYDVR0jBBgwFoAU wDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFAWf3cobWMO1ocQCnU7ML4cs Zcv4MCMGA1UdEQQcMBqCDCoua2VwdXJhLmNvbYIKa2VwdXJhLmNvbTATBgNVHSAE DDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIu YW1hem9udHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYB BQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEF BQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2Vy MAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AM8RVu7V Lnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABjtBtGfQAAAQDAEcwRQIhALgF QsiNDgOhBCfEZKheeN5sTN1+6j4U1FD+P5FF8pndAiBa0iPpiijjdkimDdGTgPx8 bXQPu0gNGYNzgQUuoInqGQB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0H E9MMAAABjtBtGhEAAAQDAEgwRgIhAJUgG1UU8oP5rUTv045k7otxWGpQL97EQpzF nXGMcOgtAiEAu1LtV8T42uibjPOkw97fJPmO2qnuNPN8N2scm5KDX7QAdgB9WR4S 4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAY7QbRlwAAAEAwBHMEUCIFJT 4VcJmJxlISPkVnaBN0pQli79Nkos/o79SV1Uq/ApAiEApMqfWpoxXJUdTx5ERdbS VHB5IDW8Antz+pzYIjNw4wAwDQYJKoZIhvcNAQELBQADggEBABZUzFN6dTkXdrYt /Mvra0twG4Y5YM1wImElnHwnDYlJOHYEhd9tgSuAKuZgSFb9+uj4aRJPTx8vaHfa MBS77dFj9QCzU9Fhue8VUfAymG7ZMEGMi1PgHcAH8wHvqCOz5YjqU2Dl8Nwha2GO g5lGfQlxHFsOvlKpFDYh1RxTDOJ2Qwbni0qyLL0xdx2rY5SY9XdEbGc72Pw2giuK 5GsZoBaXkAOzmpUwh3XNNioRdc4kumfZPqS6qzpKtHPB6d128tC2y7f5ZyA/wUnC d1JNFw5DcWnW3kHIX9Hd58u2fmINqUO+n2Gw0xPGXf2tT0xPcKlWJOWYs+qZmtBx e6buYcs= -----END CERTIFICATE----- subject=CN = *.kepura.com issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M02 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA Server Temp Key: ECDH, prime256v1, 256 bits --- SSL handshake has read 5613 bytes and written 451 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 78EE5983D6FC3EAE3A221ED06EE7C368269EB756D35A4727CAD901F12233E63B Session-ID-ctx: Master-Key: 277A1D9680BA9860BFE6EC19811EFD7C7E902D626469534449BB9BFEEC61AD6B73804F31E7185CAEE4B7FC0B8976DD9C PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 86400 (seconds) TLS session ticket: 0000 - 01 f5 c6 3f ad 35 1b 2a-cd f7 2e 97 3b 20 af fc ...?.5.*....; .. 0010 - e4 aa db 99 a0 f5 9e 17-71 f6 c7 07 15 61 f9 6d ........q....a.m 0020 - a0 0b 32 e3 e0 72 a4 c9-e1 52 93 27 91 c7 6f 78 ..2..r...R.'..ox 0030 - ec b9 b0 38 24 5e ea 20-b6 37 c0 5e e1 27 8e 7e ...8$^. .7.^.'.~ 0040 - c8 4f 79 47 70 c5 35 13-11 d9 bb 31 0d be 13 66 .OyGp.5....1...f 0050 - 5a 59 df 10 20 44 aa df-25 00 8b 78 9a 5a 1b 15 ZY.. D..%..x.Z.. 0060 - 03 2c fd cd c8 52 1e 08-5b e4 b7 03 26 b6 d1 1b .,...R..[...&... 0070 - 14 77 6b 6b 38 35 5c 10-1b de 62 4c 4e 94 dc e7 .wkk85\...bLN... 0080 - 32 b2 02 b7 11 c8 34 19-e8 5d 2.....4..] Start Time: 1732172263 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: yes ---
#
OCSP response of
www.kepura.com
from OCSP responder (Let's Encrypt)
OCSP response from OCSP responder allows only Let's Encrypt's Certificate.