TLS/SSL certificate check


Port to connect on:
Secure HTTP / HTTPS - port 443 Secured SMTP - port 465 Secured IMAP - port 993 Secured POP3 - port 995

TLS/SSL check of 'amazon.com (205.251.242.103)'

Multiple A-records!

The domain 'amazon.com' has severals A/AAAA-records - and thereby multiple IP's to check.

click to use
52.94.236.248
click to use
54.239.28.85

Summary


Host:
amazon.com, 205.251.242.103, port 443


Protocols:
All good
 3 supported protocols: TLS 1.2, TLS 1.1, TLS 1.0


Certificate:
All good
 Certificate '*.peg.a2z.com' is verified okay. Issued by 'DigiCert Global CA G2'. Expires 07-01-2025.

Protocol support



Protocol support:
TLS 1.3
No support
TLS 1.2
Supported
TLS 1.1
Supported
TLS 1.0
Supported
SSL 3.0
No support
SSL 2.0
No support

Verification:
TLS 1.2 is supported
 
It is noticable, that TLS 1.3 is not supported. Please consider disableing TLS 1.1, 1.0, SSL3 and SSL2 - as of March 2021, TLS 1.1 and 1.0 was oficially depricated, and as of June 2015 SSL3 and SSL2 was depricated. Use of either protocol is not recomended

Chain of certificates

3 of 3 - End-Entity
*.peg.a2z.com

Certificat:
*.peg.a2z.com

Issued by:
DigiCert Global CA G2, DigiCert Inc, US

Valid:
From 01-02-2024 to 07-01-2025

Verification:
Certificate is verified okay

SAN's:
amazon.co.uk
uedata.amazon.co.uk
www.amazon.co.uk
origin-www.amazon.co.uk
*.peg.a2z.com
amazon.com
amzn.com
uedata.amazon.com
us.amazon.com
www.amazon.com
www.amzn.com
corporate.amazon.com
buybox.amazon.com
iphone.amazon.com
yp.amazon.com
home.amazon.com
origin-www.amazon.com
origin2-www.amazon.com
buckeye-retail-website.amazon.com
huddles.amazon.com
amazon.de
www.amazon.de
origin-www.amazon.de
amazon.co.jp
amazon.jp
www.amazon.jp
www.amazon.co.jp
origin-www.amazon.co.jp
*.aa.peg.a2z.com
*.ab.peg.a2z.com
*.ac.peg.a2z.com
origin-www.amazon.com.au
www.amazon.com.au
*.bz.peg.a2z.com
amazon.com.au
origin2-www.amazon.co.jp
edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp
edgeflow.aero.04f01a85e-frontier.amazon.com.au
edgeflow.aero.47cf2c8c9-frontier.amazon.com
edgeflow.aero.abe2c2f23-frontier.amazon.de
edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk
edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp
edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au
edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com

Key:
RSA, 2048 bit
Signature algorithm:
sha256RSA

Serial:
0EDB97391CB586451865E838F9F52971

PEM format:
Click to see certificate as PEM (modal)

2 of 3 - Intermediate
DigiCert Global CA G2

Certificat:
DigiCert Global CA G2, DigiCert Inc, US

Issued by:
DigiCert Global Root G2, DigiCert Inc, US

Valid:
From 01-08-2013 to 01-08-2028

Verification:
Certificate is verified okay

Key:
RSA, 2048 bit
Signature algorithm:
sha256RSA

Serial:
0C8EE0C90D6A89158804061EE241F9AF

PEM format:
Click to see certificate as PEM (modal)

1 of 3 - Root certificate
DigiCert Global Root G2

Certificat:
DigiCert Global Root G2, DigiCert Inc, US

Issued by:
DigiCert Global Root G2, DigiCert Inc, US

Valid:
From 01-08-2013 to 15-01-2038

Verification:
Certificate is verified okay

Key:
RSA, 2048 bit
Signature algorithm:
sha256RSA

Serial:
033AF1E6A711A9A0BB2864B11D09FAE5

PEM format:
Click to see certificate as PEM (modal)

Root Store trust

Root Certificat:
DigiCert Global Root G2
Issued by:
DigiCert

Root Store trust:
The root certificte is trustet by ALL major trusted root certificate stores

Microsoft:
Root Certificate is fully trusted by Microsoft (Windows)

Apple:
Root Certificate is fully is trusted by Apple (iOS, iPadOS, macOS)

Android:
Root Certificate is fully is trusted by Android

API

You may perform this lookup using the API and get the results as easy-to-parse JSON data.

Read more on the API at https://iamroot.tech/about/api (regarding authentication and rate limits, among other things), or give it a go right away using the 'try it' button.

 
GET
 https://iamroot.tech/ssl-certificate-check/api/?host=amazon.com copy try it
 

Log

035+035
  • Host 'amazon.com' resolved in 33ms
035+000
  • INFMultiple A-records!
    Domain 'amazon.com' has several A-records, and thereby multiple IPs to check. IP 205.251.242.103 will be used.
035+000
  • Check protocols
035+000
  • Start TLS 1.1 protocol check, amazon.com (205.251.242.103), port 443
035+000
  • Start TLS 1.3 protocol check, amazon.com (205.251.242.103), port 443
035+000
  • Start TLS 1.2 protocol check, amazon.com (205.251.242.103), port 443
036+001
  • Start SSL 2.0 protocol check, amazon.com (205.251.242.103), port 443
036+000
  • Start TLS 1.0 protocol check, amazon.com (205.251.242.103), port 443
036+000
  • Start SSL 3.0 protocol check, amazon.com (205.251.242.103), port 443
062+026
  • Protocol check of SSL 3.0 done in 25ms - failed
    Unable to authenticate connection using SSL 3.0
063+027
  • Protocol check of SSL 2.0 done in 27ms - failed
    Unable to authenticate connection using SSL 2.0
090+055
  • Protocol check of TLS 1.3 done in 54ms - failed
    Unable to authenticate connection using TLS 1.3
123+087
  • Protocol check of TLS 1.0 done in 86ms - all good
125+090
  • Protocol check of TLS 1.1 done in 90ms - all good
126+091
  • Protocol check of TLS 1.2 done in 90ms - all good
126+062
  • TLS 1.2 is supported
    It is noticable, that TLS 1.3 is not supported. Please consider disableing TLS 1.1, 1.0, SSL3 and SSL2 - as of March 2021, TLS 1.1 and 1.0 was oficially depricated, and as of June 2015 SSL3 and SSL2 was depricated. Use of either protocol is not recomended
126+000
  • Done
126+000
  • Check certificate
126+000
  • Load and verify chain of certificates
273+147
  • Full chain of certificates has been loaded and verified in 146ms.
273+000
  • End-Entity certificate verification success
    Certificat '*.peg.a2z.com' SUCCEDED the verification.
273+000
  • Host 'amazon.com' is matching Subject/SAN 'amazon.com' of certificate. All good!
273+000
  • Intermediate certificate verification success
    Certificat 'DigiCert Global CA G2' SUCCEDED the verification.
273+000
  • Root certificate verification success
    Certificat 'DigiCert Global Root G2' SUCCEDED the verification.
273+000
  • Check root store status of root certificate
275+002
  • Trustet by all major trusted root certificate stores
    The root certificte is trustet by ALL major trusted root certificate stores
275+000
  • Done
275+000
  • Done
275+000
  • Done