www.google.com.hk
检测到当前证书信息已发生变化,您可以点击 刷新报告 进行重新检测 。
证书信息
信任状态 | 可信 |
是 | |
通用名称 | *.google.com.hk |
颁发者 | GTS CA 1C3 |
启用SNI | 是 |
弱密钥检测 | 否 |
加密算法 | ECDSA 256 bits |
签名算法 | SHA256WithRSA |
证书透明(CT) | 是 (Apple: (来自证书,有效)) |
证书品牌 | |
证书类型 | DV SSL |
开始时间 | 2024-03-19 04:48:24 |
结束时间 | 2024-06-11 04:48:23 |
吊销状态 | 正常 |
OCSP装订状态 | 不支持 |
OCSP必须装订 | 否 |
组织机构 | -- |
部门 | -- |
备用名称 | *.google.com.hk google.com.hk *.google.com.hk google.com.hk |
证书链信息 了解详细 下载证书链
颁发给: | *.google.com.hk(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS CA 1C3 |
加密算法: | ECDSA 256 bits |
签名算法: | SHA256WithRSA |
证书指纹: | EAA0BE579DB0B03CA1B1B114D768533E114A5B1C |
公钥PIN值: | TiMEJKsKqOKbGSDP+WyPbMMSzHiGtFbXklnf4XDSpLs= |
有效期: | 2024-03-19 ~ 2024-06-11 (剩余 51 天) |
颁发给: | GTS CA 1C3(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS Root R1 |
加密算法: | RSA 2048 bits |
签名算法: | SHA256WithRSA |
证书指纹: | 1E7EF647CBA150281C60897257102878C4BD8CDC |
公钥PIN值: | zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w= |
有效期: | 2020-08-13 ~ 2027-09-30 (剩余 1258 天) |
颁发给: | GTS Root R1(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
加密算法: | RSA 4096 bits |
签名算法: | SHA256WithRSA |
证书指纹: | 08745487E891C19E3078C1F2A07E452950EF36F6 |
公钥PIN值: | hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc= |
有效期: | 2020-06-19 ~ 2028-01-28 (剩余 1378 天) |
颁发给: | GlobalSign Root CA(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
加密算法: | RSA 2048 bits |
签名算法: | SHA1WithRSA |
证书指纹: | B1BC968BD4F49D622AA89A81F2150152A41D829C |
公钥PIN值: | K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q= |
有效期: | 1998-09-01 ~ 2028-01-28 (剩余 1378 天) |
颁发给: | *.google.com.hk (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS CA 1C3 |
有效期: | 2024-03-19 ~ 2024-06-11 (剩余 51 天) |
颁发给: | GTS CA 1C3 (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS Root R1 |
有效期: | 2020-08-13 ~ 2027-09-30 (剩余 1258 天) |
颁发给: | GTS Root R1 (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
有效期: | 2020-06-19 ~ 2028-01-28 (剩余 1378 天) |
颁发给: | GlobalSign Root CA (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
有效期: | 1998-09-01 ~ 2028-01-28 (剩余 1378 天) |
信任状态 | 可信 |
是 | |
通用名称 | *.google.com.hk |
颁发者 | GTS CA 1C3 |
启用SNI | 是 |
弱密钥检测 | 否 |
加密算法 | RSA 2048 bits |
签名算法 | SHA256WithRSA |
证书透明(CT) | 是 (Apple: (来自证书,有效)) |
证书品牌 | |
证书类型 | DV SSL |
开始时间 | 2024-03-19 04:48:24 |
结束时间 | 2024-06-11 04:48:23 |
吊销状态 | 正常 |
OCSP装订状态 | 不支持 |
OCSP必须装订 | 否 |
组织机构 | -- |
部门 | -- |
备用名称 | *.google.com.hk google.com.hk *.google.com.hk google.com.hk |
证书链信息 了解详细 下载证书链
颁发给: | *.google.com.hk(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS CA 1C3 |
加密算法: | RSA 2048 bits |
签名算法: | SHA256WithRSA |
证书指纹: | 52C505772BCCDD31A3322D8755CEC079632F2294 |
公钥PIN值: | PSqv5AUVZBBudSML0CjTNJwZlJWEfjDzxtCiADUhVHs= |
有效期: | 2024-03-19 ~ 2024-06-11 (剩余 51 天) |
颁发给: | GTS CA 1C3(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS Root R1 |
加密算法: | RSA 2048 bits |
签名算法: | SHA256WithRSA |
证书指纹: | 1E7EF647CBA150281C60897257102878C4BD8CDC |
公钥PIN值: | zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w= |
有效期: | 2020-08-13 ~ 2027-09-30 (剩余 1258 天) |
颁发给: | GTS Root R1(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
加密算法: | RSA 4096 bits |
签名算法: | SHA256WithRSA |
证书指纹: | 08745487E891C19E3078C1F2A07E452950EF36F6 |
公钥PIN值: | hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc= |
有效期: | 2020-06-19 ~ 2028-01-28 (剩余 1378 天) |
颁发给: | GlobalSign Root CA(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
加密算法: | RSA 2048 bits |
签名算法: | SHA1WithRSA |
证书指纹: | B1BC968BD4F49D622AA89A81F2150152A41D829C |
公钥PIN值: | K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q= |
有效期: | 1998-09-01 ~ 2028-01-28 (剩余 1378 天) |
颁发给: | *.google.com.hk (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS CA 1C3 |
有效期: | 2024-03-19 ~ 2024-06-11 (剩余 51 天) |
颁发给: | GTS CA 1C3 (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS Root R1 |
有效期: | 2020-08-13 ~ 2027-09-30 (剩余 1258 天) |
颁发给: | GTS Root R1 (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
有效期: | 2020-06-19 ~ 2028-01-28 (剩余 1378 天) |
颁发给: | GlobalSign Root CA (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
有效期: | 1998-09-01 ~ 2028-01-28 (剩余 1378 天) |
信任状态 | 可信 |
否 | |
通用名称 | google.com |
颁发者 | GTS CA 1C3 |
启用SNI | 否 |
弱密钥检测 | 否 |
加密算法 | RSA 2048 bits |
签名算法 | SHA256WithRSA |
证书透明(CT) | 是 (Apple: (来自证书,有效)) |
证书品牌 | |
证书类型 | DV SSL |
开始时间 | 2024-03-19 04:42:26 |
结束时间 | 2024-06-11 04:42:25 |
吊销状态 | 正常 |
OCSP装订状态 | 不支持 |
OCSP必须装订 | 否 |
组织机构 | -- |
部门 | -- |
备用名称 | google.com *.appengine.google.com *.bdn.dev *.origin-test.bdn.dev *.cloud.google.com ...... 查看全部 google.com *.appengine.google.com *.bdn.dev *.origin-test.bdn.dev *.cloud.google.com *.crowdsource.google.com *.datacompute.google.com *.google.ca *.google.cl *.google.co.in *.google.co.jp *.google.co.uk *.google.com.ar *.google.com.au *.google.com.br *.google.com.co *.google.com.mx *.google.com.tr *.google.com.vn *.google.de *.google.es *.google.fr *.google.hu *.google.it *.google.nl *.google.pl *.google.pt *.googleapis.cn *.googlevideo.com *.gstatic.cn *.gstatic-cn.com googlecnapps.cn *.googlecnapps.cn googleapps-cn.com *.googleapps-cn.com gkecnapps.cn *.gkecnapps.cn googledownloads.cn *.googledownloads.cn recaptcha.net.cn *.recaptcha.net.cn recaptcha-cn.net *.recaptcha-cn.net widevine.cn *.widevine.cn ampproject.org.cn *.ampproject.org.cn ampproject.net.cn *.ampproject.net.cn google-analytics-cn.com *.google-analytics-cn.com googleadservices-cn.com *.googleadservices-cn.com googlevads-cn.com *.googlevads-cn.com googleapis-cn.com *.googleapis-cn.com googleoptimize-cn.com *.googleoptimize-cn.com doubleclick-cn.net *.doubleclick-cn.net *.fls.doubleclick-cn.net *.g.doubleclick-cn.net doubleclick.cn *.doubleclick.cn *.fls.doubleclick.cn *.g.doubleclick.cn dartsearch-cn.net *.dartsearch-cn.net googletraveladservices-cn.com *.googletraveladservices-cn.com googletagservices-cn.com *.googletagservices-cn.com googletagmanager-cn.com *.googletagmanager-cn.com googlesyndication-cn.com *.googlesyndication-cn.com *.safeframe.googlesyndication-cn.com app-measurement-cn.com *.app-measurement-cn.com gvt1-cn.com *.gvt1-cn.com gvt2-cn.com *.gvt2-cn.com 2mdn-cn.net *.2mdn-cn.net googleflights-cn.net *.googleflights-cn.net admob-cn.com *.admob-cn.com googlesandbox-cn.com *.googlesandbox-cn.com *.safenup.googlesandbox-cn.com *.gstatic.com *.metric.gstatic.com *.gvt1.com *.gcpcdn.gvt1.com *.gvt2.com *.gcp.gvt2.com *.url.google.com *.youtube-nocookie.com *.ytimg.com android.com *.android.com *.flash.android.com g.cn *.g.cn g.co *.g.co goo.gl www.goo.gl google-analytics.com *.google-analytics.com *.google.com googlecommerce.com *.googlecommerce.com ggpht.cn *.ggpht.cn urchin.com *.urchin.com youtu.be youtube.com *.youtube.com youtubeeducation.com *.youtubeeducation.com youtubekids.com *.youtubekids.com yt.be *.yt.be android.clients.google.com developer.android.google.cn developers.android.google.cn source.android.google.cn developer.chrome.google.cn web.developers.google.cn google.ac *.google.ac google.ad *.google.ad google.ae *.google.ae google.af *.google.af google.ag *.google.ag google.ai *.google.ai google.al *.google.al google.am *.google.am google.as *.google.as google.at *.google.at google.az *.google.az google.ba *.google.ba google.be *.google.be google.bf *.google.bf google.bg *.google.bg google.bi *.google.bi google.bj *.google.bj google.bs *.google.bs google.bt *.google.bt google.by *.google.by google.bzh *.google.bzh google.ca google.cat *.google.cat google.cc *.google.cc google.cd *.google.cd google.cf *.google.cf google.cg *.google.cg google.ch *.google.ch google.ci *.google.ci google.cl google.cm *.google.cm google.cn *.google.cn google.co.ao *.google.co.ao google.co.bw *.google.co.bw google.co.ck *.google.co.ck google.co.cr *.google.co.cr google.co.hu *.google.co.hu google.co.id *.google.co.id google.co.il *.google.co.il google.co.im *.google.co.im google.co.in google.co.je *.google.co.je google.co.jp google.co.ke *.google.co.ke google.co.kr *.google.co.kr google.co.ls *.google.co.ls google.co.ma *.google.co.ma google.co.mz *.google.co.mz google.co.nz *.google.co.nz google.co.th *.google.co.th google.co.tz *.google.co.tz google.co.ug *.google.co.ug google.co.uk google.co.uz *.google.co.uz google.co.ve *.google.co.ve google.co.vi *.google.co.vi google.co.za *.google.co.za google.co.zm *.google.co.zm google.co.zw *.google.co.zw google.com.af *.google.com.af google.com.ag *.google.com.ag google.com.ai *.google.com.ai google.com.ar google.com.au google.com.bd *.google.com.bd google.com.bh *.google.com.bh google.com.bn *.google.com.bn google.com.bo *.google.com.bo google.com.br google.com.by *.google.com.by google.com.bz *.google.com.bz google.com.co google.com.cu *.google.com.cu google.com.cy *.google.com.cy google.com.do *.google.com.do google.com.ec *.google.com.ec google.com.eg *.google.com.eg google.com.et *.google.com.et google.com.fj *.google.com.fj google.com.ge *.google.com.ge google.com.gh *.google.com.gh google.com.gi *.google.com.gi google.com.gr *.google.com.gr google.com.gt *.google.com.gt google.com.hk *.google.com.hk google.com.iq *.google.com.iq google.com.jm *.google.com.jm google.com.jo *.google.com.jo google.com.kh *.google.com.kh google.com.kw *.google.com.kw google.com.lb *.google.com.lb google.com.ly *.google.com.ly google.com.mm *.google.com.mm google.com.mt *.google.com.mt google.com.mx google.com.my *.google.com.my google.com.na *.google.com.na google.com.nf *.google.com.nf google.com.ng *.google.com.ng google.com.ni *.google.com.ni google.com.np *.google.com.np google.com.nr *.google.com.nr google.com.om *.google.com.om google.com.pa *.google.com.pa google.com.pe *.google.com.pe google.com.pg *.google.com.pg google.com.ph *.google.com.ph google.com.pk *.google.com.pk google.com.pl *.google.com.pl google.com.pr *.google.com.pr google.com.py *.google.com.py google.com.qa *.google.com.qa google.com.ru *.google.com.ru google.com.sa *.google.com.sa google.com.sb *.google.com.sb google.com.sg *.google.com.sg google.com.sl *.google.com.sl google.com.sv *.google.com.sv google.com.tj *.google.com.tj google.com.tn *.google.com.tn google.com.tr google.com.tw *.google.com.tw google.com.ua *.google.com.ua google.com.uy *.google.com.uy google.com.vc *.google.com.vc google.com.ve *.google.com.ve google.com.vn google.cv *.google.cv google.cz *.google.cz google.de google.dj *.google.dj google.dk *.google.dk google.dm *.google.dm google.dz *.google.dz google.ee *.google.ee google.es google.eus *.google.eus google.fi *.google.fi google.fm *.google.fm google.fr google.frl *.google.frl google.ga *.google.ga google.gal *.google.gal google.ge *.google.ge google.gg *.google.gg google.gl *.google.gl google.gm *.google.gm google.gp *.google.gp google.gr *.google.gr google.gy *.google.gy google.hk *.google.hk google.hn *.google.hn google.hr *.google.hr google.ht *.google.ht google.hu google.ie *.google.ie google.im *.google.im google.in *.google.in google.info *.google.info google.iq *.google.iq google.ir *.google.ir google.is *.google.is google.it google.it.ao *.google.it.ao google.je *.google.je google.jo *.google.jo google.jobs *.google.jobs google.jp *.google.jp google.kg *.google.kg google.ki *.google.ki google.kz *.google.kz google.la *.google.la google.li *.google.li google.lk *.google.lk google.lt *.google.lt google.lu *.google.lu google.lv *.google.lv google.md *.google.md google.me *.google.me google.mg *.google.mg google.mk *.google.mk google.ml *.google.ml google.mn *.google.mn google.ms *.google.ms google.mu *.google.mu google.mv *.google.mv google.mw *.google.mw google.ne *.google.ne google.ne.jp *.google.ne.jp google.net *.google.net google.ng *.google.ng google.nl google.no *.google.no google.nr *.google.nr google.nu *.google.nu google.off.ai *.google.off.ai google.pk *.google.pk google.pl google.pn *.google.pn google.ps *.google.ps google.pt google.ro *.google.ro google.rs *.google.rs google.ru *.google.ru google.rw *.google.rw google.sc *.google.sc google.se *.google.se google.sh *.google.sh google.si *.google.si google.sk *.google.sk google.sm *.google.sm google.sn *.google.sn google.so *.google.so google.sr *.google.sr google.st *.google.st google.td *.google.td google.tel *.google.tel google.tg *.google.tg google.tk *.google.tk google.tl *.google.tl google.tm *.google.tm google.tn *.google.tn google.to *.google.to google.tt *.google.tt google.us *.google.us google.uz *.google.uz google.vg *.google.vg google.vu *.google.vu google.ws *.google.ws gstatic.com *.2mdn.net *.au.doubleclick.net *.cc-dt.com *.de.doubleclick.net doubleclick.com *.doubleclick.com *.fls.doubleclick.net *.fr.doubleclick.net *.jp.doubleclick.net *.uk.doubleclick.net ad.mo.doubleclick.net doubleclick.net *.doubleclick.net *.googleadsserving.cn google.ua *.google.ua |
证书链信息 了解详细 下载证书链
颁发给: | google.com(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS CA 1C3 |
加密算法: | RSA 2048 bits |
签名算法: | SHA256WithRSA |
证书指纹: | B5C7400B72986D55EC14DA572FE2369ECC6325B5 |
公钥PIN值: | VWfXlyrgqamNjNaQTb++MQTfLJQdAhR/o8OlgwEqXTs= |
有效期: | 2024-03-19 ~ 2024-06-11 (剩余 51 天) |
颁发给: | GTS CA 1C3(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS Root R1 |
加密算法: | RSA 2048 bits |
签名算法: | SHA256WithRSA |
证书指纹: | 1E7EF647CBA150281C60897257102878C4BD8CDC |
公钥PIN值: | zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w= |
有效期: | 2020-08-13 ~ 2027-09-30 (剩余 1258 天) |
颁发给: | GTS Root R1(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
加密算法: | RSA 4096 bits |
签名算法: | SHA256WithRSA |
证书指纹: | 08745487E891C19E3078C1F2A07E452950EF36F6 |
公钥PIN值: | hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc= |
有效期: | 2020-06-19 ~ 2028-01-28 (剩余 1378 天) |
颁发给: | GlobalSign Root CA(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
加密算法: | RSA 2048 bits |
签名算法: | SHA1WithRSA |
证书指纹: | B1BC968BD4F49D622AA89A81F2150152A41D829C |
公钥PIN值: | K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q= |
有效期: | 1998-09-01 ~ 2028-01-28 (剩余 1378 天) |
颁发给: | google.com (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS CA 1C3 |
有效期: | 2024-03-19 ~ 2024-06-11 (剩余 51 天) |
颁发给: | GTS CA 1C3 (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GTS Root R1 |
有效期: | 2020-08-13 ~ 2027-09-30 (剩余 1258 天) |
颁发给: | GTS Root R1 (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
有效期: | 2020-06-19 ~ 2028-01-28 (剩余 1378 天) |
颁发给: | GlobalSign Root CA (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GlobalSign Root CA |
有效期: | 1998-09-01 ~ 2028-01-28 (剩余 1378 天) |
支持协议
TLS 1.3 | 支持 | ||
TLS 1.2 | 支持 | ||
TLS 1.1 | 支持 | ||
TLS 1.0 | 支持 | 1 | |
SSL 3 | 不支持 | ||
SSL 2 | 不支持 |
支持的加密套件
TLS 1.3 (服务器没有顺序偏好) |
TLS_AES_128_GCM_SHA256 (0x1301) 128 bits FS 名称:TLS_AES_128_GCM_SHA256 代码:0x1301 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_AES_256_GCM_SHA384 (0x1302) 256 bits FS 名称:TLS_AES_256_GCM_SHA384 代码:0x1302 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_CHACHA20_POLY1305_SHA256 (0x1303) 256 bits FS 名称:TLS_CHACHA20_POLY1305_SHA256 代码:0x1303 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES |
TLS 1.2 (服务器没有顺序偏好) |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC02B) 128 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 代码:0xC02B 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA9) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 代码:0xCCA9 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 代码:0xC02C 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009) 128 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 代码:0xC009 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 代码:0xC00A 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F) 128 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 代码:0xC02F 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA8) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 代码:0xCCA8 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 代码:0xC030 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013) 128 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 代码:0xC013 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 代码:0xC014 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9C) 128 bits 名称:TLS_RSA_WITH_AES_128_GCM_SHA256 代码:0x9C 描述: 加密强度:128 bits 正向加密:NO 是否安全:WEAK TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9D) 256 bits 名称:TLS_RSA_WITH_AES_256_GCM_SHA384 代码:0x9D 描述: 加密强度:256 bits 正向加密:NO 是否安全:WEAK TLS_RSA_WITH_AES_128_CBC_SHA (0x2F) 128 bits 名称:TLS_RSA_WITH_AES_128_CBC_SHA 代码:0x2F 描述: 加密强度:128 bits 正向加密:NO 是否安全:WEAK TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256 bits 名称:TLS_RSA_WITH_AES_256_CBC_SHA 代码:0x35 描述: 加密强度:256 bits 正向加密:NO 是否安全:WEAK TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xA) 112 bits 名称:TLS_RSA_WITH_3DES_EDE_CBC_SHA 代码:0xA 描述: 加密强度:112 bits 正向加密:NO 是否安全:WEAK |
TLS 1.1 (服务器没有顺序偏好) |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009) 128 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 代码:0xC009 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 代码:0xC00A 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013) 128 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 代码:0xC013 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 代码:0xC014 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_RSA_WITH_AES_128_CBC_SHA (0x2F) 128 bits 名称:TLS_RSA_WITH_AES_128_CBC_SHA 代码:0x2F 描述: 加密强度:128 bits 正向加密:NO 是否安全:WEAK TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256 bits 名称:TLS_RSA_WITH_AES_256_CBC_SHA 代码:0x35 描述: 加密强度:256 bits 正向加密:NO 是否安全:WEAK TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xA) 112 bits 名称:TLS_RSA_WITH_3DES_EDE_CBC_SHA 代码:0xA 描述: 加密强度:112 bits 正向加密:NO 是否安全:WEAK |
TLS 1.0 (服务器没有顺序偏好) |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009) 128 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 代码:0xC009 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 代码:0xC00A 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013) 128 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 代码:0xC013 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 代码:0xC014 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_RSA_WITH_AES_128_CBC_SHA (0x2F) 128 bits 名称:TLS_RSA_WITH_AES_128_CBC_SHA 代码:0x2F 描述: 加密强度:128 bits 正向加密:NO 是否安全:WEAK TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256 bits 名称:TLS_RSA_WITH_AES_256_CBC_SHA 代码:0x35 描述: 加密强度:256 bits 正向加密:NO 是否安全:WEAK TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xA) 112 bits 名称:TLS_RSA_WITH_3DES_EDE_CBC_SHA 代码:0xA 描述: 加密强度:112 bits 正向加密:NO 是否安全:WEAK |
协议详情
HTTP/2 | 支持 | |
新型的TLS配置 | 是 | |
支持TLS 1.3 | 支持 | |
期望CT | 不支持 | |
OCSP装订 | 不支持 | |
预防降级攻击 | 支持 | |
正向保密 | 支持 | |
HTTP严格传输安全(HSTS) | 不支持 | |
公钥固定(HPKP) | 不支持 | |
公钥固定报告 | 不支持 | |
XSS保护 | 支持 | 0 |
CAA | 支持 | pki.goog , |
NPN | 支持 | grpc-exp,h2,http/1.1 |
ALPN | 支持 | h2,http/1.1 |
TLS心跳(扩展) | 不支持 | |
支持的EC椭圆曲线 | 支持 | x25519,secp256r1 (服务器顺序优先) |
SSL2握手兼容 | 支持 | |
会话恢复(caching) | 不支持 | 服务端分配SessionID,但是不接受 |
会话恢复(Ticket) | 支持 | |
STARTTLS | 不支持 | |
过长的ClientHello兼容 | 不支持 | |
未知TLS版本兼容 | 不支持 | |
不正确的SNI警告 | 不支持 | |
DH公钥参数重用 | 否 | 不支持DHE系列的加密套件 |
ECDH公钥参数重用 | 否 | |
服务端安全重协商 | 支持 | |
客户端安全重协商 | 不支持 | |
客户端不安全重协商 | 不支持 | |
支持RC4套件 | 不支持 | |
是否为邮件服务器 | 否 |
SSL漏洞
是否影响 | 危险系数 | 说明 | |
---|---|---|---|
因系统升级改造,相关功能暂停服务! | |||
DROWN 漏洞 | |||
OpenSSL Padding Oracle 攻击 | |||
FREAK漏洞 | |||
Logjam漏洞 | |||
OpenSSL CCS 注入漏洞 | |||
心血漏洞(Heartbleed) | |||
POODLE漏洞 | |||
CRIME漏洞 |
客户端握手模拟
Android 4.4.2 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Android 5.0.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Android 6.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > http/1.1 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Android 7.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 FS | |
Android 8.0 No FS1 No SNI2 | 握手失败 (handshake_failure) | |||
Android 9.0 No FS1 No SNI2 | 握手失败 (handshake_failure) | |||
Baiduspider/2.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Googlebot/2.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
YandexBot July 2018 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
360Spider July 2018 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
SougouSpider July 2018 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Baidu HTTPS认证 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
BingPreview Jan 2015 No FS1 No SNI2 | RSA(SHA256) | TLSv1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 49 / XP SP3 No FS1 No SNI2 | RSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 51 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 63 /macOS High Sierra 10.13.2 No FS1 No SNI2 | 握手失败 (decode_error) | |||
Chrome 69 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 71 / Win 10 No FS1 No SNI2 | 握手失败 () | |||
Chrome 80 / Win 10 No FS1 No SNI2 | 握手失败 () | |||
Firefox 31.3.0 ESR / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 47 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 49 / XP SP3 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 49 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 57 /macOS High Sierra 10.13.2 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 62 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 64 / win 10 No FS1 No SNI2 | 握手失败 () | |||
Firefox 73 / Win 10 No FS1 No SNI2 | 握手失败 () | |||
IE 6 / XP No FS1 No SNI2 | 握手失败 (protocol_version) | |||
IE 7 / Vista No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
IE 8 / XP No FS1 No SNI2 | RSA(SHA256) | TLSv1.0 | TLS_RSA_WITH_3DES_EDE_CBC_SHA | |
IE 8-10 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
IE 11 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
IE 11 / Win 8.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > http/1.1 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
IE 10 / Win Phone 8.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
IE 11 / Win Phone 8.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > http/1.1 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
IE 11 / Win Phone 8.1 Update No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > http/1.1 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
IE 11 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Edge 13 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Edge 13 / Win Phone 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Java 6u45 No FS1 No SNI2 | RSA(SHA256) | TLSv1.0 | TLS_RSA_WITH_AES_128_CBC_SHA | |
Java 7u25 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Java 8u31 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Java 11.0.3 No FS1 No SNI2 | 握手失败 (连接超时) | |||
OpenSSL 0.9.8y No FS1 No SNI2 | RSA(SHA256) | TLSv1.0 | TLS_RSA_WITH_AES_128_CBC_SHA | |
OpenSSL 1.0.1l No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
OpenSSL 1.0.2e No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Openssl 1.1.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 FS | |
Safari 5.1.9 / OS X 10.6.8 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Safari 6 / iOS 6.0.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Safari 6.0.4 / OS X 10.8.4 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Safari 7 / iOS 7.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Safari 7 / OS X 10.9 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Safari 8 / iOS 8.4 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Safari 8 / OS X 10.10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Safari 9 / iOS 9 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Safari 9 / OS X 10.11 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Safari 10 / iOS 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Safari 10 / OS X 10.12 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Apple ATS 9 / iOS 9 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Yahoo Slurp Jan 2015 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
UC浏览器 6 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
360浏览器 13 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
360极速浏览器 8 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
360浏览器 12 No FS1 No SNI2 | 握手失败 () | |||
360浏览器 8 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
QQ浏览器 9 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
世界之窗浏览器 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
猎豹浏览器 6 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
傲游浏览器 5 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
搜狗浏览器 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
百度浏览器 8 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS |
证书兼容性测试
ECC | RSA | RSA | |
---|---|---|---|
Android 2.3 (Gingerbread) | |||
Android 4.0 (Ice Cream Sandwich) | |||
Android 4.1 (Jelly Bean) | |||
Android 4.2 (Jelly Bean) | |||
Android 4.3 (Jelly Bean) | |||
Android 4.4 (KitKat) | |||
Android 5.0 (Lollipop) | |||
Android 5.1 (Lollipop) | |||
Android 6.0 (Marshmallow) | |||
Android 7.0 (Android Nougat) | |||
Android 7.1 (Android Nougat) | |||
Android 8.0 (Android Oreo) | |||
Android 9.0 (Android Pie) | |||
Android 10.0 (Android Q) | |||
Android 11.0 (Android R) | |||
iOS 5-6 | |||
iOS 7 | |||
iOS 8 | |||
iOS 9 | |||
iOS 10 | |||
iOS 11 | |||
iOS 12 | |||
iOS 13 | |||
iOS 14 | |||
OS X 10.9 (Mavericks) | |||
OS X 10.10 (Yosemite) | |||
OS X 10.11 (Eicapitan) | |||
OS X 10.12 (Sierra) | |||
OS X 10.13 (High Sierra) | |||
OS X 10.14 (Mojave) | |||
java 7u181 | |||
java 8u161 | |||
java_8u181 | |||
java_8u202 | |||
java 9 | |||
java 10 | |||
java 11 | |||
java 12 | |||
java 13 | |||
java 17 | |||
Firefox 3.0 | |||
Firefox 3.5 | |||
Firefox 3.6 | |||
Firefox 6.0 | |||
Firefox 16 | |||
Firefox 23 | |||
Firefox 32 | |||
Firefox 42 | |||
Firefox 50 | |||
Firefox 51 | |||
Firefox 54 | |||
Firefox 58 | |||
Firefox 63 | |||
Firefox 65 | |||
Windows XP | |||
Windows 7 | |||
Windows 8 | |||
Windows 10 |
配置指南:
说明:
- SNI:服务器名称指示,这是一个的TLS扩展,允许服务器在相同的IP和端口上部署多个证书。
- PFS:PFS(perfect forward secrecy)完全正向保密,要求一个密钥只能用于一个连接,一个密钥被破解,并不影响其他密钥的安全性。
- HPKP:公钥固定,这是一种https网站防止攻击者使用CA错误颁发的证书进行中间人攻击的一种安全机制。
- HSTS:这是一个响应头,用来强制启用HTTPS协议,解决301跳转的劫持的问题。
- OCSP:Online Certificate Status Protocol 证书吊销状态在线检查协议。
- OCSP Stapling:OCSP装订,通过TLS握手时传输吊销状态,加快SSL完成握手的速度。
登录后查看更多信息
登录