hogehoge

hogehoge

 

 

このサイトのSSL評価について

https://www.ssllabs.com/ssltest/analyze.html?d=yrm.in

 

以下コピペ

 

SSL Labs logo

Home Projects Qualys Free Trial Contact


You are here:  Home > Projects > SSL Server Test > yrm.in

SSL Report: yrm.in (150.95.8.212)

Assessed on:  Tue, 06 Aug 2019 04:54:43 UTC | Hide | Clear cache

Scan Another »


Summary

Overall Rating

A+

Visit our documentation page for more information, configuration guides, and books. Known issues are documented here.

This site works only in browsers with SNI support.

Experimental: This server supports TLS 1.3 (RFC 8446).

HTTP Strict Transport Security (HSTS) with long duration deployed on this server.  MORE INFO »

Certificate #1: RSA 2048 bits (SHA256withRSA)

https://www.ssllabs.com/images/icon-certificate.png

Server Key and Certificate #1

 

Subject

yrm.in 
Fingerprint SHA256: 8ba8f254412a4cc5a16df31adbeb357a76daf6a927e1078036bc95141f949d90
Pin SHA256: YMwpjLTUeFyUhWv1btZH/X5qrXr7z4fck7LtKWeU+VE=

Common names

yrm.in

Alternative names

yrm.in

Serial Number

04cb4843e69843e521efa7f5c478404907bf

Valid from

Mon, 05 Aug 2019 02:05:52 UTC

Valid until

Sun, 03 Nov 2019 02:05:52 UTC (expires in 2 months and 27 days)

Key

RSA 2048 bits (e 65537)

Weak key (Debian)

No

Issuer

Let's Encrypt Authority X3 
AIA: http://cert.int-x3.letsencrypt.org/ 

Signature algorithm

SHA256withRSA

Extended Validation

No

Certificate Transparency

Yes (certificate)

OCSP Must Staple

No

Revocation information

OCSP 
OCSP: http://ocsp.int-x3.letsencrypt.org 

Revocation status

Good (not revoked)

DNS CAA

No (more info)

Trusted

Yes 
Mozilla  Apple  Android  Java  Windows 



https://www.ssllabs.com/images/icon-certificates.png

Additional Certificates (if supplied)

 

Certificates provided

2 (2526 bytes)

Chain issues

None

#2

Subject

Let's Encrypt Authority X3 
Fingerprint SHA256: 25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d
Pin SHA256: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=

Valid until

Wed, 17 Mar 2021 16:40:46 UTC (expires in 1 year and 7 months)

Key

RSA 2048 bits (e 65537)

Issuer

DST Root CA X3

Signature algorithm

SHA256withRSA



https://www.ssllabs.com/images/icon-chain.png

https://www.ssllabs.com/images/expand.pngCertification Paths

Click here to expand

Certificate #2: RSA 2048 bits (SHA256withRSA) No SNIhttps://www.ssllabs.com/images/expand.png

Click here to expand

Configuration

https://www.ssllabs.com/images/icon-protocol.png

Protocols

TLS 1.3

Yes

TLS 1.2

Yes

TLS 1.1

No

TLS 1.0

No

SSL 3

No

SSL 2

No

For TLS 1.3 tests, we only support RFC 8446.



https://www.ssllabs.com/images/icon-cipher.png

Cipher Suites

https://www.ssllabs.com/images/collapse.png

# TLS 1.3 (suites in server-preferred order)

TLS_AES_256_GCM_SHA384 (0x1302)   ECDH x25519 (eq. 3072 bits RSA)   FS

256

TLS_CHACHA20_POLY1305_SHA256 (0x1303)   ECDH x25519 (eq. 3072 bits RSA)   FS

256

TLS_AES_128_GCM_SHA256 (0x1301)   ECDH x25519 (eq. 3072 bits RSA)   FS

128

https://www.ssllabs.com/images/collapse.png

# TLS 1.2 (suites in server-preferred order)

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH x25519 (eq. 3072 bits RSA)   FS

128

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   ECDH x25519 (eq. 3072 bits RSA)   FS

256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK

128

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK

128

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK

256

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK

256

TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)   WEAK

128

TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)   WEAK

256

TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)   WEAK

128

TLS_RSA_WITH_AES_256_CBC_SHA (0x35)   WEAK

256

TLS_DHE_RSA_WITH_AES_256_CCM_8 (0xc0a3)   DH 2048 bits   FS

256

TLS_DHE_RSA_WITH_AES_256_CCM (0xc09f)   DH 2048 bits   FS

256

TLS_DHE_RSA_WITH_AES_128_CCM_8 (0xc0a2)   DH 2048 bits   FS

128

TLS_DHE_RSA_WITH_AES_128_CCM (0xc09e)   DH 2048 bits   FS

128

TLS_RSA_WITH_AES_256_CCM_8 (0xc0a1)   WEAK

256

TLS_RSA_WITH_AES_256_CCM (0xc09d)   WEAK

256

TLS_RSA_WITH_AES_128_CCM_8 (0xc0a0)   WEAK

128

TLS_RSA_WITH_AES_128_CCM (0xc09c)   WEAK

128

TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)   WEAK

256

TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)   WEAK

128

TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 (0xc077)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK

256

TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 (0xc4)   DH 2048 bits   FS   WEAK

256

TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0xc076)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK

128

TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0xbe)   DH 2048 bits   FS   WEAK

128

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (0xc0)   WEAK

256

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0xba)   WEAK

128

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84)   WEAK

256

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41)   WEAK

128



https://www.ssllabs.com/images/icon-handshake.png

Handshake Simulation

Android 4.4.2

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Android 5.0.0

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Android 6.0

RSA 2048 (SHA256)  

TLS 1.2 > http/1.1  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Android 7.0

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH x25519  FS

BingPreview Jan 2015

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Chrome 49 / XP SP3

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Chrome 69 / Win 7  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH x25519  FS

Chrome 70 / Win 10

-  

TLS 1.3

TLS_AES_256_GCM_SHA384   ECDH x25519  FS

Firefox 31.3.0 ESR / Win 7

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Firefox 47 / Win 7  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Firefox 49 / XP SP3

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Firefox 62 / Win 7  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH x25519  FS

Googlebot Feb 2018

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH x25519  FS

IE 11 / Win 7  R

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS

IE 11 / Win 8.1  R

RSA 2048 (SHA256)  

TLS 1.2 > http/1.1  

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS

IE 11 / Win Phone 8.1  R

RSA 2048 (SHA256)  

TLS 1.2 > http/1.1  

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS

IE 11 / Win Phone 8.1 Update  R

RSA 2048 (SHA256)  

TLS 1.2 > http/1.1  

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS

IE 11 / Win 10  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Edge 15 / Win 10  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH x25519  FS

Edge 13 / Win Phone 10  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Java 8u161

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

OpenSSL 1.0.1l  R

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

OpenSSL 1.0.2e  R

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Safari 6 / iOS 6.0.1

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS

Safari 7 / iOS 7.1  R

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS

Safari 7 / OS X 10.9  R

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS

Safari 8 / iOS 8.4  R

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS

Safari 8 / OS X 10.10  R

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS

Safari 9 / iOS 9  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Safari 9 / OS X 10.11  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Safari 10 / iOS 10  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Safari 10 / OS X 10.12  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Apple ATS 9 / iOS 9  R

RSA 2048 (SHA256)  

TLS 1.2 > h2  

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

Yahoo Slurp Jan 2015

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

YandexBot Jan 2015

RSA 2048 (SHA256)  

TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS

https://www.ssllabs.com/images/expand.png

# Not simulated clients (Protocol mismatch)

Click here to expand

(1) Clients that do not support Forward Secrecy (FS) are excluded when determining support for it.

(2) No support for virtual SSL hosting (SNI). Connects to the default site if the server uses SNI.

(3) Only first connection attempt simulated. Browsers sometimes retry with a lower protocol version.

(R) Denotes a reference browser or client, with which we expect better effective security.

(All) We use defaults, but some platforms do not use their best protocols and features (e.g., Java 6 & 7, older IE).

(All) Certificate trust is not checked in handshake simulation, we only perform TLS handshake.



https://www.ssllabs.com/images/icon-protocol-details.png

Protocol Details

DROWN

No, server keys and hostname not seen elsewhere with SSLv2

(1) For a better understanding of this test, please read this longer explanation
(2) Key usage data kindly provided by the Censys network search engine; original DROWN website here
(3) Censys data is only indicative of possible key and certificate reuse; possibly out-of-date and not complete

Secure Renegotiation

Supported

Secure Client-Initiated Renegotiation

No

Insecure Client-Initiated Renegotiation

No

BEAST attack

Mitigated server-side (more info)  

POODLE (SSLv3)

No, SSL 3 not supported (more info)

POODLE (TLS)

No (more info)

Zombie POODLE

No (more info)   TLS 1.2 : 0xc027

GOLDENDOODLE

No (more info)   TLS 1.2 : 0xc027

OpenSSL 0-Length

No (more info)   TLS 1.2 : 0xc027

Sleeping POODLE

No (more info)   TLS 1.2 : 0xc027

Downgrade attack prevention

Yes, TLS_FALLBACK_SCSV supported (more info)

SSL/TLS compression

No

RC4

No

Heartbeat (extension)

No

Heartbleed (vulnerability)

No (more info)

Ticketbleed (vulnerability)

No (more info)

OpenSSL CCS vuln. (CVE-2014-0224)

No (more info)

OpenSSL Padding Oracle vuln.
(CVE-2016-2107)

No (more info)

ROBOT (vulnerability)

No (more info)

Forward Secrecy

Yes (with most browsers)   ROBUST (more info)

ALPN

Yes   h2 http/1.1

NPN

No

Session resumption (caching)

Yes

Session resumption (tickets)

Yes

OCSP stapling

No

Strict Transport Security (HSTS)

Yes 
max-age=31536000

HSTS Preloading

Not in: Chrome  Edge  Firefox  IE 

Public Key Pinning (HPKP)

No (more info)

Public Key Pinning Report-Only

No

Public Key Pinning (Static)

No (more info)

Long handshake intolerance

No

TLS extension intolerance

No

TLS version intolerance

No

Incorrect SNI alerts

No

Uses common DH primes

No

DH public server param (Ys) reuse

No

ECDH public server param reuse

No

Supported Named Groups

x25519, secp256r1, x448, secp521r1, secp384r1 (server preferred order)

SSL 2 handshake compatibility

Yes

0-RTT enabled

No



https://www.ssllabs.com/images/icon-http.png

https://www.ssllabs.com/images/expand.pngHTTP Requests

 

1 https://yrm.in/  (HTTP/1.1 200 OK)



https://www.ssllabs.com/images/icon-misc.png

Miscellaneous

Test date

Tue, 06 Aug 2019 04:52:46 UTC

Test duration

117.380 seconds

HTTP status code

200

HTTP server signature

Apache

Server hostname

s140.xrea.com

 

SSL Report v1.35.1

コピペここまで。

 

Hosting:

 

プライバシーポリシー

当サイトに掲載されている広告について

当サイトでは、第三者配信の広告サービス(Googleアドセンス)を利用しています。
このような広告配信事業者は、ユーザーの興味に応じた商品やサービスの広告を表示するため、当サイトや他サイトへのアクセスに関する情報 Cookie(氏名、住所、メール アドレス、電話番号は含まれません) を使用することがあります。
またGoogleアドセンスに関して、このプロセスの詳細やこのような情報が広告配信事業者に使用されないようにする方法については、こちらをクリックしてください。

当サイトが使用しているアクセス解析ツールについて

当サイトでは、Googleによるアクセス解析ツール「Googleアナリティクス」を利用しています。
このGoogleアナリティクスはトラフィックデータの収集のためにCookieを使用しています。
このトラフィックデータは匿名で収集されており、個人を特定するものではありません。
この機能はCookieを無効にすることで収集を拒否することが出来ますので、お使いのブラウザの設定をご確認ください。
この規約に関して、詳しくはこちら、またはこちらをクリックしてください。

当サイトへのコメントについて

当サイトでは、スパム・荒らしへの対応として、コメントの際に使用されたIPアドレスを記録しています。
これはブログの標準機能としてサポートされている機能で、スパム・荒らしへの対応以外にこのIPアドレスを使用することはありません。
また、メールアドレスとURLの入力に関しては、任意となっております。
全てのコメントは管理人であるhogehogeが事前にその内容を確認し、承認した上での掲載となりますことをあらかじめご了承下さい。
加えて、次の各号に掲げる内容を含むコメントは管理人の裁量によって承認せず、削除する事があります。

·        特定の自然人または法人を誹謗し、中傷するもの。

·        極度にわいせつな内容を含むもの。

·        禁制品の取引に関するものや、他者を害する行為の依頼など、法律によって禁止されている物品、行為の依頼や斡旋などに関するもの。

·        その他、公序良俗に反し、または管理人によって承認すべきでないと認められるもの。