Check Detail
berlin.de · SSL
Passed
Grade A
100.0%
Result Detail
SSL| Check name | Status | Value |
|---|---|---|
| certificate chain is complete | ✅ Passed | 3 |
| root CA is trusted | ✅ Passed | Trusted |
| cert valid for | ✅ Passed | 24 |
| chain certs are valid until | ✅ Passed | 30.11.2025 |
| CN matches Domainname | ✅ Passed | berlin.de |
| certificate subject | ✅ Passed | CN=berlin.de |
| certificate issuer | ✅ Passed | C=US, O=Let's Encrypt, CN=E8 |
| signature algorithm | ✅ Passed | ecdsa-with-SHA384 |
| TLS protocol | ✅ Passed | TLSv1.3 TLS_CHACHA20_POLY1305_SHA256 |
| Subject Alternative Names | ✅ Passed | *.berlin.de, *.berlinonline.de, *.berlinonline.net, *.prod.kube11.berlinonline.net, *.service.berlin.de, *.styleguide.berlin.de, berlin.de, berlinonline.net |
| Public Key | ✅ Passed | EC 256 |
Certificate chain
| # | Common name | Issuer | Valid until | CA |
|---|---|---|---|---|
| 0 | berlin.de | C=US, O=Let's Encrypt, CN=E8 | 30.11.2025 11:45:53 | No |
| 1 | berlin.de | C=US, O=Let's Encrypt, CN=E8 | 30.11.2025 11:45:53 | No |
| 2 | E8 | C=US, O=Internet Security Research Group, CN=ISRG Root X1 | 13.03.2027 00:59:59 | Yes |
TLS details
| Negotiated protocol | TLSv1.3 |
|---|---|
| Cipher suite | TLS_CHACHA20_POLY1305_SHA256 (256 bit) |
| Cipher version | TLSv1.3 |
| Perfect Forward Secrecy | Attention |
| Earliest chain expiry | 30.11.2025 11:45 |
Fingerprints
| SHA-256 | B7:9E:7E:38:05:0C:11:03:42:1E:6A:17:C3:55:70:8E:0F:C4:F9:01:82:03:1E:4C:35:47:63:8A:78:BC:67:18 |
|---|---|
| SHA-1 | 17:04:E8:96:91:DD:A7:00:B0:01:CA:4A:DC:8D:48:00:F5:24:1C:7C |
Revocation
OCSP URLs
—
CRL URLs
Full Name:
URI:http://e8.c.lencr.org/35.crl
Issuer URLs (AIA)
http://e8.i.lencr.org/
OCSP Must-Staple
No
Trust evaluation
Attempted: Yes
Trusted: Yes
OpenSSL diagnostic command
openssl s_client -connect berlin.de:443 -servername berlin.de