Get Your FREE
TLS Compliance
Report Now!
Get your free report now
The report is a free SSL compliance check (TLS compliance test) against NIST 800-52 (PCI, HIPAA & FFIEC) data-in-transit standards including handshake, versions, ciphers, certificate and server configuration detail.
Addresses that match the domain name, will also receive a free detailed subdomain report via email
Sample Report Below
Free SSL compliance check (TLS compliance test) against NIST 800-52 (PCI, HIPAA & FFIEC) data-in-transit standards including handshake, versions, ciphers, certificate and server configuration detail.
Overall Compliance Summary
Overall compliance score is:
B | 85%
* Weak Cipher Suites present
TLS Handshake
13/20
Certificates
58/62
Cipher Quality
RECOMMENDED
60%
All 'recommended' ciphers are 'secure' ciphers by definition. Recommended means that these ciphers also support PFS (Perfect Forward Secrecy) and should be your first choice if you want the highest level of security
SECURE
20%
Secure ciphers are considered state-of-the-art and if you want to secure your web server you should certainly choose from this set
WEAK
60%
These ciphers are old and should be disabled if you are setting up a new server for example
INSECURE
0%
These ciphers are very old and shouldn't be used under any circumstances
Key Strength
90%
NIST Compliance
NIST
NIST Including CHACHA
ChaCha2020/Poly1305 is not a NIST approved cipher suite but considered secure for commercial use and is widely deployed. This score is calculated assuming CHACHA is also compliant.
Overall Server Status
Total Servers
3
Expired Certificates
1
Insecure Cipher Suites
0
Support TLS 1.1
3
Support TLS 1.0
3
Server Status
Server
as on Apr 14
B | 85%
Parameter Status
TLS Handshake
13/20
Certificates
58/62
Cipher Quality
RECOMMENDED
60%
All 'recommended' ciphers are 'secure' ciphers by definition. Recommended means that these ciphers also support PFS (Perfect Forward Secrecy) and should be your first choice if you want the highest level of security
SECURE
20%
Secure ciphers are considered state-of-the-art and if you want to secure your web server you should certainly choose from this set
WEAK
60%
These ciphers are old and should be disabled if you are setting up a new server for example
INSECURE
0%
These ciphers are very old and shouldn't be used under any circumstances
Key Strength
90%
NIST Compliance
NIST
NIST Including CHACHA
ChaCha2020/Poly1305 is not a NIST approved cipher suite but considered secure for commercial use and is widely deployed. This score is calculated assuming CHACHA is also compliant.
Last Month :0
Last Quarter :0
Last Year :0
- TLS 1.3
- TLS 1.2
- TLS 1.1
- TLS 1.0
Compliance Score
B | 89%
TLS Handshake
7/9
Certificates
RSA
15/15
ECDSA
14/16
Cipher Quality
RECOMMENDED
100%
All 'recommended' ciphers are 'secure' ciphers by definition. Recommended means that these ciphers also support PFS (Perfect Forward Secrecy) and should be your first choice if you want the highest level of security
SECURE
0%
Secure ciphers are considered state-of-the-art and if you want to secure your web server you should certainly choose from this set
WEAK
0%
These ciphers are old and should be disabled if you are setting up a new server for example
INSECURE
0%
These ciphers are very old and shouldn't be used under any circumstances
Key Strength
90%
NIST Compliance
NIST
NIST Including CHACHA
ChaCha2020/Poly1305 is not a NIST approved cipher suite but considered secure for commercial use and is widely deployed. This score is calculated assuming CHACHA is also compliant.
Parameter Status
TLS Handshake
Parameters | NIST Compliance | ||
| |||
Server Name Indication Extension Support | |||
Supported Versions Extension Support | |||
Signed Certificate Timestamps Extension Support | |||
Supported Groups Extension Support | |||
Key Share Extension Support | |||
Supported Cipher Suites | |||
Early Data Indication Extension Support | |||
Certificate Status Request Extension Support | |||
Signature Algorithms Extension Support |
Expires in : 2 months
Certificates - RSA
Valid From :
11/20/2023
Valid Until : 02/12/2024
Valid Until : 02/12/2024
Parameters | NIST Compliance | ||
| |||
Public Cert Auth Key Identifier | |||
Public Cert Subject DN | |||
Public Cert Expiry Date | |||
Public Cert Extended Key Usage | |||
Public Cert Auth Info | |||
Public Cert Issuer Signature Algorithm | |||
Public Cert Subject DN CN | |||
Public Cert Type | |||
Public Cert Issuer DN | |||
Public Cert Sub Key Identifier | |||
Public Cert Signature Algorithm | |||
Public Cert Key Usage | |||
Public Cert SAN Entries | |||
Public Cert Key Length | |||
Public Cert Version (X509 Version) |
Expires in : 2 months
Certificates - ECDSA
Valid From :
11/20/2023
Valid Until : 02/12/2024
Valid Until : 02/12/2024
Parameters | NIST Compliance | ||
| |||
Public Cert Auth Key Identifier | |||
Public Cert Subject DN | |||
Public Cert Expiry Date | |||
Public Cert Extended Key Usage | |||
Public Cert Auth Info | |||
Public Cert Issuer Signature Algorithm | |||
Public Cert Subject DN CN | |||
ECDSA Public Key Curve | |||
Public Cert Type | |||
Public Cert Issuer DN | |||
Public Cert Sub Key Identifier | |||
Public Cert Signature Algorithm | |||
Public Cert Key Usage | |||
Public Cert SAN Entries | |||
Public Cert Key Length | |||
Public Cert Version (X509 Version) |
Cipher Suites
Parameters | NIST Compliance | ||
| |||
RECOMMENDED | |||
TLS_AKE_WITH_AES_128_GCM_SHA256 | |||
TLS_AKE_WITH_AES_256_GCM_SHA384 | |||
TLS_AKE_WITH_CHACHA20_POLY1305_SHA256 |