TLS/SSL check of 'google.com (2607:f8b0:4009:805::200e)'

Multiple A-records!

The domain 'google.com' has severals A/AAAA-records - and thereby multiple IP's to check.

click to use
172.217.4.78

Summary


Host:
google.com, 2607:f8b0:4009:805::200e, port 443


Protocols:
All good
 4 supported protocols: TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0


Certificate:
All good
 Certificate '*.google.com' is verified okay. Issued by 'WR2'. Expires 2024-09-16.

Protocol support



Protocol support:
TLS 1.3
Supported
TLS 1.2
Supported
TLS 1.1
Supported
TLS 1.0
Supported
SSL 3.0
No support
SSL 2.0
No support

Verification:
TLS 1.3 is supported
 
Consider disableing TLS 1.1, 1.0, SSL3 and SSL2 - as of March 2021, TLS 1.1 and 1.0 was officially deprecated, and as of June 2015 SSL3 and SSL2 was deprecated. Use of either protocol is not recomended

Chain of certificates

3 of 3 - End-Entity
*.google.com


Certificat:
*.google.com

Issued by:
WR2, Google Trust Services, US

Valid:
From 2024-06-24 to 2024-09-16

Verification:
Certificate is verified okay

SAN's:
*.google.com
*.appengine.google.com
*.bdn.dev
*.origin-test.bdn.dev
*.cloud.google.com
*.crowdsource.google.com
*.datacompute.google.com
*.google.ca
*.google.cl
*.google.co.in
*.google.co.jp
*.google.co.uk
*.google.com.ar
*.google.com.au
*.google.com.br
*.google.com.co
*.google.com.mx
*.google.com.tr
*.google.com.vn
*.google.de
*.google.es
*.google.fr
*.google.hu
*.google.it
*.google.nl
*.google.pl
*.google.pt
*.googleapis.cn
*.googlevideo.com
*.gstatic.cn
*.gstatic-cn.com
googlecnapps.cn
*.googlecnapps.cn
googleapps-cn.com
*.googleapps-cn.com
gkecnapps.cn
*.gkecnapps.cn
googledownloads.cn
*.googledownloads.cn
recaptcha.net.cn
*.recaptcha.net.cn
recaptcha-cn.net
*.recaptcha-cn.net
widevine.cn
*.widevine.cn
ampproject.org.cn
*.ampproject.org.cn
ampproject.net.cn
*.ampproject.net.cn
google-analytics-cn.com
*.google-analytics-cn.com
googleadservices-cn.com
*.googleadservices-cn.com
googlevads-cn.com
*.googlevads-cn.com
googleapis-cn.com
*.googleapis-cn.com
googleoptimize-cn.com
*.googleoptimize-cn.com
doubleclick-cn.net
*.doubleclick-cn.net
*.fls.doubleclick-cn.net
*.g.doubleclick-cn.net
doubleclick.cn
*.doubleclick.cn
*.fls.doubleclick.cn
*.g.doubleclick.cn
dartsearch-cn.net
*.dartsearch-cn.net
googletraveladservices-cn.com
*.googletraveladservices-cn.com
googletagservices-cn.com
*.googletagservices-cn.com
googletagmanager-cn.com
*.googletagmanager-cn.com
googlesyndication-cn.com
*.googlesyndication-cn.com
*.safeframe.googlesyndication-cn.com
app-measurement-cn.com
*.app-measurement-cn.com
gvt1-cn.com
*.gvt1-cn.com
gvt2-cn.com
*.gvt2-cn.com
2mdn-cn.net
*.2mdn-cn.net
googleflights-cn.net
*.googleflights-cn.net
admob-cn.com
*.admob-cn.com
googlesandbox-cn.com
*.googlesandbox-cn.com
*.safenup.googlesandbox-cn.com
*.gstatic.com
*.metric.gstatic.com
*.gvt1.com
*.gcpcdn.gvt1.com
*.gvt2.com
*.gcp.gvt2.com
*.url.google.com
*.youtube-nocookie.com
*.ytimg.com
android.com
*.android.com
*.flash.android.com
g.cn
*.g.cn
g.co
*.g.co
goo.gl
www.goo.gl
google-analytics.com
*.google-analytics.com
google.com
googlecommerce.com
*.googlecommerce.com
ggpht.cn
*.ggpht.cn
urchin.com
*.urchin.com
youtu.be
youtube.com
*.youtube.com
youtubeeducation.com
*.youtubeeducation.com
youtubekids.com
*.youtubekids.com
yt.be
*.yt.be
android.clients.google.com
*.android.google.cn
*.chrome.google.cn
*.developers.google.cn

Key:
ECC
Signature algorithm:
sha256RSA

Serial:
00C9A1C248DDCBB3380A95E0A01DC27F78

PEM format:

2 of 3 - Intermediate
WR2


Certificat:
WR2, Google Trust Services, US

Issued by:
GTS Root R1, Google Trust Services LLC, US

Valid:
From 2023-12-13 to 2029-02-20

Verification:
Certificate is verified okay

Key:
RSA, 2048 bit
Signature algorithm:
sha256RSA

Serial:
7FF005A07C4CDED100AD9D66A5107B98

PEM format:

1 of 3 - Root certificate
GTS Root R1


Certificat:
GTS Root R1, Google Trust Services LLC, US

Issued by:
GTS Root R1, Google Trust Services LLC, US

Valid:
From 2016-06-21 to 2036-06-21

Verification:
Certificate is verified okay

Key:
RSA, 4096 bit
Signature algorithm:
sha384RSA

Serial:
6E47A9C54B470C0DEC33D089B91CF4E1

PEM format:

Root Store trust

GTS Root R1


Issued by:
Google Trust Services LLC

Root Store trust:
The root certificte is trustet by ALL major trusted root certificate stores

Microsoft:
Root Certificate is fully trusted by Microsoft (Windows)

Apple:
Root Certificate is fully is trusted by Apple (iOS, iPadOS, macOS)

Android:
Root Certificate is fully is trusted by Android

API

You may perform this lookup using the API and get the results as easy-to-parse JSON data.

Read more on the API at https://iamroot.tech/about/api (regarding authentication and rate limits, among other things), or give it a go right away using the 'try it' button.

 
GET
https://iamroot.tech/ssl-certificate-check/api/?host=google.com copy try it
 

Log

039+039
  • Host 'google.com' resolved in 38ms
039+000
  • INFMultiple A-records!
    Domain 'google.com' has several A-records, and thereby multiple IPs to check. IP 2607:f8b0:4009:805::200e will be used.
039+000
  • Check protocols
039+000
  • Start SSL 2.0 protocol check, google.com (2607:f8b0:4009:805::200e), port 443
039+000
  • Start TLS 1.3 protocol check, google.com (2607:f8b0:4009:805::200e), port 443
040+000
  • Start TLS 1.2 protocol check, google.com (2607:f8b0:4009:805::200e), port 443
040+000
  • Start TLS 1.1 protocol check, google.com (2607:f8b0:4009:805::200e), port 443
040+000
  • Start SSL 3.0 protocol check, google.com (2607:f8b0:4009:805::200e), port 443
040+000
  • Start TLS 1.0 protocol check, google.com (2607:f8b0:4009:805::200e), port 443
049+010
  • Protocol check of SSL 2.0 done in 9ms - failed
    Unable to authenticate connection using SSL 2.0
049+009
  • Protocol check of SSL 3.0 done in 9ms - failed
    Unable to authenticate connection using SSL 3.0
071+032
  • Protocol check of TLS 1.2 done in 31ms - all good
071+031
  • Protocol check of TLS 1.0 done in 31ms - all good
072+032
  • Protocol check of TLS 1.1 done in 31ms - all good
075+036
  • Protocol check of TLS 1.3 done in 35ms - all good
075+026
  • TLS 1.3 is supported
    Consider disableing TLS 1.1, 1.0, SSL3 and SSL2 - as of March 2021, TLS 1.1 and 1.0 was officially deprecated, and as of June 2015 SSL3 and SSL2 was deprecated. Use of either protocol is not recomended
075+000
  • Done
075+000
  • Check certificate
075+000
  • Load and verify chain of certificates
216+141
  • Full chain of certificates has been loaded and verified in 140ms.
216+000
  • End-Entity certificate verification success
    Certificat '*.google.com' SUCCEDED the verification.
217+000
  • Host 'google.com' is matching Subject/SAN 'google.com' of certificate. All good!
217+000
  • Intermediate certificate verification success
    Certificat 'WR2' SUCCEDED the verification.
217+000
  • Root certificate verification success
    Certificat 'GTS Root R1' SUCCEDED the verification.
217+000
  • Check root store status of root certificate
218+002
  • Trustet by all major trusted root certificate stores
    The root certificte is trustet by ALL major trusted root certificate stores
218+000
  • Done
218+000
  • Done
218+000
  • Done