Check Detail
download.com · SSL
Passed
Grade A
100.0%
Result Detail
SSL| Check name | Status | Value |
|---|---|---|
| certificate chain is complete | ✅ OK | 4 |
| root CA is trusted | ✅ OK | Trusted |
| cert valid for | ✅ OK | 86 |
| chain certs are valid until | ✅ OK | 08.01.2026 |
| CN matches Domainname | ✅ OK | download.com |
| certificate subject | ✅ OK | CN=download.com |
| certificate issuer | ✅ OK | C=US, O=Google Trust Services, CN=WR3 |
| signature algorithm | ✅ OK | RSA-SHA256 |
| TLS protocol | ✅ OK | TLSv1.3 TLS_AES_256_GCM_SHA384 |
| Subject Alternative Names | ✅ OK | download.com, www.download.com |
| Public Key | ✅ OK | RSA 2048 |
Certificate chain
| # | Common name | Issuer | Valid until | CA |
|---|---|---|---|---|
| 0 | download.com | C=US, O=Google Trust Services, CN=WR3 | 08.01.2026 21:53:12 | No |
| 1 | download.com | C=US, O=Google Trust Services, CN=WR3 | 08.01.2026 21:53:12 | No |
| 2 | WR3 | C=US, O=Google Trust Services LLC, CN=GTS Root R1 | 20.02.2029 15:00:00 | Yes |
| 3 | GTS Root R1 | C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA | 28.01.2028 01:00:42 | Yes |
TLS details
| Negotiated protocol | TLSv1.3 |
|---|---|
| Cipher suite | TLS_AES_256_GCM_SHA384 (256 bit) |
| Cipher version | TLSv1.3 |
| Perfect Forward Secrecy | Attention |
| Earliest chain expiry | 08.01.2026 21:53 |
Fingerprints
| SHA-256 | A7:07:A5:D0:48:B7:6B:C7:D1:C6:8B:39:9D:D1:EB:19:59:1D:E9:46:A9:FB:94:EC:F5:1F:D4:33:EF:20:66:E9 |
|---|---|
| SHA-1 | EB:E7:F6:FE:BE:0D:EF:4C:1D:7C:FF:BC:1C:2E:19:2E:32:21:F4:AC |
Revocation
OCSP URLs
http://o.pki.goog/s/wr3/4d4
CRL URLs
Full Name:
URI:http://c.pki.goog/wr3/KE4bfPlsk_8.crl
Issuer URLs (AIA)
http://i.pki.goog/wr3.crt
OCSP Must-Staple
No
Trust evaluation
Attempted: Yes
Trusted: Yes
OpenSSL diagnostic command
openssl s_client -connect download.com:443 -servername download.com