SSL Report:
med.fsu.edu
(23.185.0.1)
Assessed on: Thu, 22 Jan 2026 19:08:28 UTC
| Clear cache
Summary
0
20
40
60
80
100
Certificate
Protocol Support
Key Exchange
Cipher Strength
Visit our documentation page
for more information, configuration guides, and books. Known issues are documented
here.
This site works only in browsers with SNI support.
This server supports TLS 1.3. MORE INFO »
HTTP Strict Transport Security (HSTS) with long duration deployed on this server.
MORE INFO »
Certificate #1: RSA 2048 bits (SHA256withRSA)
|
Server Key and Certificate #1
|
|
| Subject |
med.fsu.edu
Fingerprint SHA256: 90af70fdb5a6e5c0b7eee1212bb1a768fb674fdd6d0adbcefbc8d06342556e89 Pin SHA256: xJeS/6NFl7GBLoWTFMpC3grDLAA3ec7xFZZ9xsTa2Zc= |
| Common names | med.fsu.edu |
| Alternative names | med.fsu.edu www.med.fsu.edu |
| Serial Number | 06ded40c76c0df3aa2063473c1d8abb812bb |
| Valid from | Wed, 31 Dec 2025 17:10:19 UTC |
| Valid until | Tue, 31 Mar 2026 17:10:18 UTC (expires in 2 months and 8 days) |
| Key | RSA 2048 bits (e 65537) |
| Weak key (Debian) | No |
| Issuer | R13
AIA: http://r13.i.lencr.org/ |
| Signature algorithm | SHA256withRSA |
| Extended Validation | No |
| Certificate Transparency | Yes (certificate) |
| OCSP Must Staple | No |
| Revocation information |
CRL CRL: http://r13.c.lencr.org/60.crl |
| Revocation status | Good (not revoked) |
| DNS CAA | No (more info) |
| Trusted | Yes
Mozilla Apple Android Java Windows |
Certification Paths |
Certificate #2: RSA 2048 bits (SHA256withRSA)
No SNI
|
Certification Paths |
Configuration
| Protocols | |
| TLS 1.3 | Yes |
| TLS 1.2 | Yes* |
| TLS 1.1 | No |
| TLS 1.0 | No |
| SSL 3 | No |
| SSL 2 | No |
| (*) Experimental: Server negotiated using No-SNI | |
| Cipher Suites | ||
|
# TLS 1.3 (suites in server-preferred order)
|
||
TLS_AES_128_GCM_SHA256 (0x1301)
ECDH x25519 (eq. 3072 bits RSA) FS
|
128 | |
TLS_AES_256_GCM_SHA384 (0x1302)
ECDH x25519 (eq. 3072 bits RSA) FS
|
256 | |
TLS_CHACHA20_POLY1305_SHA256 (0x1303)
ECDH x25519 (eq. 3072 bits RSA) FS
|
256P | |
|
# TLS 1.2 (suites in server-preferred order)
|
||
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
ECDH x25519 (eq. 3072 bits RSA) FS
|
256 | |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
ECDH x25519 (eq. 3072 bits RSA) FS
|
128 | |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
ECDH x25519 (eq. 3072 bits RSA) FS
|
256 | |
| (P) This server prefers ChaCha20 suites with clients that don't have AES-NI (e.g., Android devices) | ||
| Handshake Simulation | |||
| Android 4.4.2 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Android 5.0.0 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Android 6.0 | RSA 2048 (SHA256) | TLS 1.2 > http/1.1 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Android 7.0 | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDH x25519 FS |
| Android 8.0 | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDH x25519 FS |
| Android 8.1 | - | TLS 1.3 | TLS_AES_128_GCM_SHA256 ECDH x25519 FS |
| Android 9.0 | - | TLS 1.3 | TLS_AES_128_GCM_SHA256 ECDH x25519 FS |
| BingPreview Jan 2015 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Chrome 49 / XP SP3 | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDH secp256r1 FS |
| Chrome 69 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDH x25519 FS |
| Chrome 70 / Win 10 | - | TLS 1.3 | TLS_AES_128_GCM_SHA256 ECDH x25519 FS |
| Chrome 80 / Win 10 R | - | TLS 1.3 | TLS_AES_128_GCM_SHA256 ECDH x25519 FS |
| Firefox 31.3.0 ESR / Win 7 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Firefox 47 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDH secp256r1 FS |
| Firefox 49 / XP SP3 | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDH secp256r1 FS |
| Firefox 62 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDH x25519 FS |
| Firefox 73 / Win 10 R | - | TLS 1.3 | TLS_AES_128_GCM_SHA256 ECDH x25519 FS |
| Googlebot Feb 2018 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDH x25519 FS |
| IE 11 / Win 7 R |
Server sent fatal alert: handshake_failure |
||
| IE 11 / Win 8.1 R |
Server sent fatal alert: handshake_failure |
||
| IE 11 / Win Phone 8.1 R |
Server sent fatal alert: handshake_failure |
||
| IE 11 / Win Phone 8.1 Update R |
Server sent fatal alert: handshake_failure |
||
| IE 11 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Edge 15 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Edge 16 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Edge 18 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Edge 13 / Win Phone 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Java 8u161 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Java 11.0.3 | - | TLS 1.3 | TLS_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Java 12.0.1 | - | TLS 1.3 | TLS_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| OpenSSL 1.0.1l R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| OpenSSL 1.0.2s R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| OpenSSL 1.1.0k R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDH x25519 FS |
| OpenSSL 1.1.1c R | - | TLS 1.3 | TLS_AES_128_GCM_SHA256 ECDH x25519 FS |
| Safari 6 / iOS 6.0.1 |
Server sent fatal alert: handshake_failure |
||
| Safari 7 / iOS 7.1 R |
Server sent fatal alert: handshake_failure |
||
| Safari 7 / OS X 10.9 R |
Server sent fatal alert: handshake_failure |
||
| Safari 8 / iOS 8.4 R |
Server sent fatal alert: handshake_failure |
||
| Safari 8 / OS X 10.10 R |
Server sent fatal alert: handshake_failure |
||
| Safari 9 / iOS 9 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Safari 9 / OS X 10.11 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Safari 10 / iOS 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Safari 10 / OS X 10.12 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Safari 12.1.2 / MacOS 10.14.6 Beta R | - | TLS 1.3 | TLS_CHACHA20_POLY1305_SHA256 ECDH x25519 FS |
| Safari 12.1.1 / iOS 12.3.1 R | - | TLS 1.3 | TLS_CHACHA20_POLY1305_SHA256 ECDH x25519 FS |
| Apple ATS 9 / iOS 9 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Yahoo Slurp Jan 2015 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| YandexBot Jan 2015 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
|
# Not simulated clients (Protocol mismatch)
|
|||
| Android 2.3.7 No SNI 2 |
Protocol mismatch (not simulated) |
||
| Android 4.0.4 |
Protocol mismatch (not simulated) |
||
| Android 4.1.1 |
Protocol mismatch (not simulated) |
||
| Android 4.2.2 |
Protocol mismatch (not simulated) |
||
| Android 4.3 |
Protocol mismatch (not simulated) |
||
| Baidu Jan 2015 |
Protocol mismatch (not simulated) |
||
| IE 6 / XP No FS 1 No SNI 2 |
Protocol mismatch (not simulated) |
||
| IE 7 / Vista |
Protocol mismatch (not simulated) |
||
| IE 8 / XP No FS 1 No SNI 2 |
Protocol mismatch (not simulated) |
||
| IE 8-10 / Win 7 R |
Protocol mismatch (not simulated) |
||
| IE 10 / Win Phone 8.0 |
Protocol mismatch (not simulated) |
||
| Java 6u45 No SNI 2 |
Protocol mismatch (not simulated) |
||
| Java 7u25 |
Protocol mismatch (not simulated) |
||
| OpenSSL 0.9.8y |
Protocol mismatch (not simulated) |
||
| Safari 5.1.9 / OS X 10.6.8 |
Protocol mismatch (not simulated) |
||
| Safari 6.0.4 / OS X 10.8.4 R |
Protocol mismatch (not simulated) |
||
| (1) Clients that do not support Forward Secrecy (FS) are excluded when determining support for it. | |||
| (2) No support for virtual SSL hosting (SNI). Connects to the default site if the server uses SNI. | |||
| (3) Only first connection attempt simulated. Browsers sometimes retry with a lower protocol version. | |||
| (R) Denotes a reference browser or client, with which we expect better effective security. | |||
| (All) We use defaults, but some platforms do not use their best protocols and features (e.g., Java 6 & 7, older IE). | |||
| (All) Certificate trust is not checked in handshake simulation, we only perform TLS handshake. | |||
| Protocol Details | |
| Secure Renegotiation | Supported |
| Secure Client-Initiated Renegotiation | No |
| Insecure Client-Initiated Renegotiation | No |
| BEAST attack | Mitigated server-side (more info) |
| POODLE (SSLv3) | No, SSL 3 not supported (more info) |
| POODLE (TLS) | No (more info) |
| Zombie POODLE | No (more info) |
| GOLDENDOODLE | No (more info) |
| OpenSSL 0-Length | No (more info) |
| Sleeping POODLE | No (more info) |
| Downgrade attack prevention | Yes, TLS_FALLBACK_SCSV supported (more info) |
| SSL/TLS compression | No |
| RC4 | No |
| Heartbeat (extension) | No |
| Heartbleed (vulnerability) | No (more info) |
| Ticketbleed (vulnerability) | No (more info) |
| OpenSSL CCS vuln. (CVE-2014-0224) | No (more info) |
| OpenSSL Padding Oracle vuln. (CVE-2016-2107) |
No (more info) |
| ROBOT (vulnerability) | No (more info) |
| Forward Secrecy | Yes (with most browsers) ROBUST (more info) |
| ALPN | Yes h2 http/1.1 |
| NPN | No |
| Session resumption (caching) | No (IDs assigned but not accepted) |
| Session resumption (tickets) | Yes |
| OCSP stapling | No |
| Strict Transport Security (HSTS) | Yes
max-age=31622400; includeSubDomains; preload |
| HSTS Preloading | Not in: Chrome Edge Firefox IE |
| Public Key Pinning (HPKP) | No (more info) |
| Public Key Pinning Report-Only | No |
| Public Key Pinning (Static) | No (more info) |
| Long handshake intolerance | No |
| TLS extension intolerance | No |
| TLS version intolerance | No |
| Incorrect SNI alerts | No |
| Uses common DH primes | No, DHE suites not supported |
| DH public server param (Ys) reuse | No, DHE suites not supported |
| ECDH public server param reuse | No |
| Supported Named Groups | x25519, secp256r1, secp384r1 (server preferred order) |
| SSL 2 handshake compatibility | No |
| 0-RTT enabled | Yes |
|
HTTP Requests
|
|
1 https://med.fsu.edu/
(HTTP/1.1 200 OK)
| 1 | |
| Connection | close | |
| Content-Length | 100813 | |
| Cache-Control | max-age=900, public | |
| Content-Language | en | |
| Content-Type | text/html; charset=UTF-8 | |
| Etag | W/"1769108816" | |
| Expires | Sun, 19 Nov 1978 05:00:00 GMT | |
| Last-Modified | Thu, 22 Jan 2026 19:06:56 GMT | |
| Server | nginx | |
| Strict-Transport-Security | max-age=31622400; includeSubDomains; preload | |
| X-Content-Type-Options | nosniff | |
| X-Drupal-Cache | MISS | |
| X-Drupal-Cache-Contexts | languages:language_content languages:language_interface route theme timezone url user | |
| X-Drupal-Cache-Max-Age | 1800 | |
| X-Drupal-Cache-Tags | block_content:190 block_content:200 block_content:243 block_content_list block_content_view block_view config:block.block.annualeventbanner config:block.block.cssfixes config:block.block.fsu_strata_account_menu config:block.block.fsu_strata_branding config:block.block.fsu_strata_breadcrumbs config:block.block.fsu_strata_content config:block.block.fsu_strata_footer config:block.block.fsu_strata_help config:block.block.fsu_strata_librarychatbotv2 config:block.block.fsu_strata_local_actions config:block.block.fsu_strata_local_tasks config:block.block.fsu_strata_main_menu config:block.block.fsu_strata_messages config:block.block.fsu_strata_page_title config:block.block.fsu_strata_search config:block.block.fsu_strata_tools config:block.block.fsubehavioralhealthatapalacheecenternotice config:block.block.grandrounds config:block.block.homepageonlyalert config:block.block.hurricanealert config:block.block.hurricanealert_2 config:block.block.librarychatbot config:block.block.logininstructions config:block.block.maintenance config:block.block.maintenance_3 config:block.block.masquerade config:block.block.secondaryfooter config:block.block.views_block__latest_video_1_block_1 config:block.block.views_block__press_releases_block_1 config:block.block.views_block__publications_block_1 config:block.block.views_block__upcoming_events_home_page_block_1 config:block.block.views_block__view_annual_report_archive_block_1 config:block.block.views_block__view_best_medicine_newsletter_archive_block_1 config:block.block.views_block__view_edit_page_link_block_1 config:block.block.views_block__view_expert_subject_area_block_1 config:block.block.views_block__view_fsu_med_magazine_archive_block_1 config:block.block.views_block__view_grand_rounds_block_1 config:block.block.views_block__view_grand_rounds_videos_block_1 config:block.block.views_block__view_left_side_navigation_raw_url_block_1 config:block.block.views_block__view_major_annual_events_block_1 config:block.block.views_block__view_news_archive_block_1 config:block.block.views_block__view_news_block_1 config:block.block.views_block__view_news_compact_block_1 config:block.block.views_block__view_news_home_page_format__block_1 config:block.block.views_block__view_news_of_the_week_archives_block_1 config:block.block.views_block__view_page_navigation_block_1 config:block.block.views_block__view_press_release_archives_block_1 config:block.block.views_block__view_print_block_1 config:block.block.views_block__view_radio_block_1 config:block.block.views_block__view_side_bar_block_1 config:block.block.views_block__view_side_bar_right_block_1 config:block.block.views_block__view_spotlights_archive_block_1 config:block.block.views_block__view_spotlights_archive_department_campus_block_1 config:block.block.views_block__view_spotlights_archive_regional_campus_block_1 config:block.block.views_block__view_spotlights_archive_students__block_1 config:block.block.views_block__view_spotlights_block_1 config:block.block.views_block__view_spotlights_compact_block_1 config:block.block.views_block__view_spotlights_header_block_1 config:block.block.views_block__view_spotlights_home_page_block_1 config:block.block.views_block__view_television_block_1 config:block.block.views_block__view_upcoming_events_archive_block_1 config:block.block.views_block__view_upcoming_events_block_1 config:block.block.views_block__view_upcoming_events_compact_block_1 config:block.block.views_block__view_users_page_access_for_dotnet_block_1 config:block.block.views_block__view_video_library_latest_video_block_1 config:block.block.views_block__view_workshop_seminars_block_1 config:block_list config:field.storage.node.field_date config:field.storage.node.field_event_area config:field.storage.node.field_event_type config:field.storage.node.field_file_upload config:field.storage.node.field_image config:field.storage.node.field_introduction config:field.storage.node.field_large_image config:field.storage.node.field_spotlight_url config:field.storage.node.field_start_date config:field.storage.node.field_start_time config:field.storage.node.field_url config:filter.format.full_html config:filter.format.text_editor_unrestricted_full config:image.style.image_style_3_1_ratio config:paragraphs.settings config:system.menu.main config:user.role.anonymous config:views.view.upcoming_events_home_page config:views.view.view_news_home_page_format_ config:views.view.view_page_navigation config:views.view.view_spotlights_header config:workbench_access.access_scheme.default file:20431 file:20536 file:20781 file:20786 file:20859 file:20973 file:21010 file:21202 file:21448 file:21579 file:21597 file:21833 file:21928 file:22356 file:22476 file:22701 file:22805 file:22819 file:22937 file:23005 file:23029 file:23219 file:23377 file:23399 http_response local_task node:10016 node:10021 node:10029 node:10031 node:10052 node:10066 node:10167 node:10181 node:10200 node:10207 node:1022 node:10224 node:10225 node:10227 node:1061 node:1079 node:1085 node:1086 node:1128 node:1187 node:1343 node:1550 node:1771 node:1798 node:1817 node:182 node:1923 node:1958 node:1992 node:1993 node:2203 node:224 node:230 node:252 node:273 node:2915 node:2949 node:326 node:327 node:328 node:329 node:334 node:378 node:406 node:4260 node:4401 node:449 node:4676 node:4813 node:556 node:575 node:655 node:7555 node:77 node:828 node:8725 node:885 node:89 node:8913 node:899 node:904 node:905 node:907 node:9321 node:965 node:9735 node:9754 node:9791 node:9792 node:9807 node:9829 node:9846 node:9889 node:989 node:9951 node:9953 node:9986 node:9991 node_list node_type:full_page node_view paragraph:8390 paragraph:8391 paragraph:8392 paragraph:8393 paragraph:8394 paragraph:8395 paragraph:8396 paragraph:8397 paragraph:8398 paragraph:8399 paragraph:8400 paragraph:8401 paragraph:8402 paragraph:8403 paragraph:8404 paragraph:8405 paragraph:8406 paragraph:8407 paragraph_view rendered taxonomy_term:2 taxonomy_term:20 taxonomy_term_list user:0 | |
| X-Drupal-Dynamic-Cache | MISS | |
| X-Frame-Options | SAMEORIGIN | |
| X-Generator | Drupal 10 (https://www.drupal.org) | |
| X-Pantheon-Styx-Hostname | styx-fe1-b-6d866b556d-942r5 | |
| X-Styx-Req-Id | 852e1151-f7c5-11f0-9cd3-22bc5758a205 | |
| Date | Thu, 22 Jan 2026 19:07:40 GMT | |
| X-Served-By | cache-chi-kigq8000047-CHI, cache-bur-kbur8200110-BUR | |
| X-Cache | HIT, MISS | |
| X-Cache-Hits | 1, 0 | |
| X-Timer | S1769108860.145797,VS0,VE56 | |
| Vary | Accept-Encoding, Cookie, Cookie, Cookie | |
| Age | 43 | |
| Accept-Ranges | bytes | |
| Via | 1.1 varnish, 1.1 varnish | |
| Miscellaneous | |
| Test date | Thu, 22 Jan 2026 19:07:32 UTC |
| Test duration | 55.843 seconds |
| HTTP status code | 200 |
| HTTP server signature | nginx |
| Server hostname | - |
SSL Report v2.4.1