SSL Report:
api-pki.faw-pre.icvcs.com
(120.46.206.109)
Assessed on: Wed, 31 Dec 2025 06:40:45 UTC
| Clear cache
Summary
If trust issues are ignored: B
0
20
40
60
80
100
Certificate
Protocol Support
Key Exchange
Cipher Strength
Visit our documentation page
for more information, configuration guides, and books. Known issues are documented
here.
This server's certificate is not trusted, see below for details.
This server's certificate is not trusted by major browsers. MORE INFO »
This server's certificate chain is incomplete. Grade capped to B.
This site works only in browsers with SNI support.
This server supports TLS 1.3. MORE INFO »
Certificate #1: RSA 4096 bits (1.2.840.113549.1.1.10)
|
Server Key and Certificate #1
|
|
| Subject |
api-pki.faw-pre.icvcs.com
Fingerprint SHA256: 3fcb06c94173d8e0d7d7fcf7211255e8793faf95664916786a98ca85ec2e8d55 Pin SHA256: qhSi+46sDLYdaGeQKpTQZnMEtUd7wvVoDiXJS9/Cz/k= |
| Common names | api-pki.faw-pre.icvcs.com |
| Alternative names | api-pki.faw-pre.icvcs.com |
| Serial Number | 0195b747bb2c060942ac5ea35b000883 |
| Valid from | Fri, 21 Mar 2025 05:58:06 UTC |
| Valid until | Tue, 21 Mar 2028 05:58:06 UTC (expires in 2 years and 2 months) |
| Key | RSA 4096 bits (e 65537) |
| Weak key (Debian) | No |
| Issuer | Faw RSA-PSS Equipment Sub CA1
|
| Signature algorithm | 1.2.840.113549.1.1.10 |
| Extended Validation | No |
| Certificate Transparency | No |
| OCSP Must Staple | No |
| Revocation information |
CRL CRL: https://x2-sck-obs-pki.obs.cn-north-4.myhuaweicloud.com/crls/fawrsa-pssequipmentsubca1/RuwJ5dlOZDJ.crl HTTPS URIs are not universally supported |
| Revocation status | Unchecked (only trusted certificates can be checked) |
| DNS CAA | No (more info) |
| Trusted | No NOT TRUSTED
(Why?)
Mozilla Apple Android Java Windows |
|
Additional Certificates (if supplied)
|
|
| Certificates provided | 1 (1797 bytes) |
| Chain issues | Incomplete |
Certification Paths |
|
|
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
Certificate #2: RSA 4096 bits (SHA256withRSA)
No SNI
|
Server Key and Certificate #1
|
|
| Subject |
chery-pki-pre.ias.huawei.com
Fingerprint SHA256: d4d82ab793b9fcceb55c8e7581fd122a5cba57a8a23ba20549a1268137c792e3 Pin SHA256: LYWvlLi9ksXkEEdzMySU6cYC5VhNzhXDL8+ZriAB1lE= |
| Common names | chery-pki-pre.ias.huawei.com |
| Alternative names | chery-pki-pre.ias.huawei.com MISMATCH |
| Serial Number | 018744e3b6eb021cc5d83b5b3bd2298f |
| Valid from | Mon, 03 Apr 2023 02:13:06 UTC |
| Valid until | Fri, 03 Apr 2043 02:13:06 UTC (expires in 17 years and 3 months) |
| Key | RSA 4096 bits (e 65537) |
| Weak key (Debian) | No |
| Issuer | CHERY SSA RSA4096 SUB CA
|
| Signature algorithm | SHA256withRSA |
| Extended Validation | No |
| Certificate Transparency | No |
| OCSP Must Staple | No |
| Revocation information |
CRL CRL: https://x2-sck-obs-pki.obs.cn-north-4.myhuaweicloud.com/crls/cheryssarsa4096subca/BKXGw8VAAnt.crl HTTPS URIs are not universally supported |
| Revocation status | Unchecked (only trusted certificates can be checked) |
| Trusted | No NOT TRUSTED
(Why?)
Mozilla Apple Android Java Windows |
|
Additional Certificates (if supplied)
|
|
| Certificates provided | 1 (1701 bytes) |
| Chain issues | Incomplete |
|
Certification Paths |
|
|
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
||
| No trust paths available Issuer unknown, or intermediate certificate(s) missing. |
Configuration
| Protocols | |
| TLS 1.3 | Yes |
| TLS 1.2 | Yes* |
| TLS 1.1 | No |
| TLS 1.0 | No |
| SSL 3 | No |
| SSL 2 | No |
| (*) Experimental: Server negotiated using No-SNI | |
| Cipher Suites | ||
|
# TLS 1.3 (suites in server-preferred order)
|
||
TLS_AES_256_GCM_SHA384 (0x1302)
ECDH x25519 (eq. 3072 bits RSA) FS
|
256 | |
TLS_CHACHA20_POLY1305_SHA256 (0x1303)
ECDH x25519 (eq. 3072 bits RSA) FS
|
256 | |