SSL Report: zvk-rentenauskunft-test.kvbbg.de (194.149.241.104)
Assessed on:  Mon, 28 Jul 2025 08:22:18 UTC | Clear cache

Due to a recently discovered bug in Apple's code, your browser is exposed to MITM attacks. Click here for more information.

Summary
Overall Rating
T
If trust issues are ignored: B
0
20
40
60
80
100
Certificate
 
Protocol Support
 
Key Exchange
 
Cipher Strength
 

Visit our documentation page for more information, configuration guides, and books. Known issues are documented here.
This server's certificate is not trusted, see below for details.
This server's certificate is not trusted by major browsers. MORE INFO »
This server's certificate chain is incomplete. Grade capped to B.
This site works only in browsers with SNI support.
This server supports TLS 1.3.  MORE INFO »
HTTP Strict Transport Security (HSTS) with long duration deployed on this server.  MORE INFO »
Certificate #1: RSA 4096 bits (1.2.840.113549.1.1.10)
Server Key and Certificate #1
Subject zvk-rentenauskunft-test.kvbbg.de
Fingerprint SHA256: 6b57ad7592e5a6c21e90e204d072ebfd9d5d63abdb67a81944fdb1e37ce4e56d
Pin SHA256: F/kYa6uefVKH+03VN7Qr06Pi8CmF4gerKO6xY9MxXSg=
Common names zvk-rentenauskunft-test.kvbbg.de
Alternative names zvk-rentenauskunft-test.kvbbg.de
Serial Number 00f5c1
Valid from Mon, 12 May 2025 13:11:06 UTC
Valid until Fri, 12 May 2028 13:11:06 UTC (expires in 2 years and 9 months)
Key RSA 4096 bits (e 65537)
Weak key (Debian) No
Issuer DRV DRIS Q-CA 2024aa
AIA: ldap://dir.qstc.drv/cn=DRV%20DRIS%20Q-CA%202024aa,ou=DRV%20DRIS%20Q-CA,cn=Public,o=DRV,c=DE?cACertificate
AIA: http://dir.qstc.drv/cer/dris_2024aa.cer
Signature algorithm 1.2.840.113549.1.1.10
Extended Validation No
Certificate Transparency No
OCSP Must Staple No
Revocation information None
DNS CAA No (more info)
Trusted No   NOT TRUSTED (Why?)
Mozilla  Apple  Android  Java  Windows 


Additional Certificates (if supplied)
Certificates provided 2 (4364 bytes)
Chain issues Incomplete
#2
Subject DRV DRIS Q-CA 2024aa
Fingerprint SHA256: 196847eb4d2990a3ecbfaa7946d6f9ab4e503dbfbb2ed4319132d60af6ff1293
Pin SHA256: YK4JHVQ7qPcthABzxXySYN7kg45Cd6UVvlGLVo1MA8A=
Valid until Tue, 20 Aug 2030 07:31:34 UTC (expires in 5 years)
Key RSA 4096 bits (e 65537)
Issuer DRV Root Q-CA 2024a
Signature algorithm 1.2.840.113549.1.1.10


Certification Paths
No trust paths available
Issuer unknown, or intermediate certificate(s) missing.
No trust paths available
Issuer unknown, or intermediate certificate(s) missing.
No trust paths available
Issuer unknown, or intermediate certificate(s) missing.
No trust paths available
Issuer unknown, or intermediate certificate(s) missing.
No trust paths available
Issuer unknown, or intermediate certificate(s) missing.

Click here to expand

Configuration
Protocols
TLS 1.3 Yes
TLS 1.2 Yes
TLS 1.1 No
TLS 1.0 No
SSL 3 No
SSL 2 No


Cipher Suites
# TLS 1.3 (suites in server-preferred order)
TLS_AES_256_GCM_SHA384 (0x1302)   ECDH secp256r1 (eq. 3072 bits RSA)   FS 256
TLS_CHACHA20_POLY1305_SHA256 (0x1303)   ECDH secp256r1 (eq. 3072 bits RSA)   FS 256
TLS_AES_128_GCM_SHA256 (0x1301)   ECDH secp256r1 (eq. 3072 bits RSA)   FS 128
# TLS 1.2 (suites in server-preferred order)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   ECDH secp256r1 (eq. 3072 bits RSA)   FS 256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)   ECDH secp256r1 (eq. 3072 bits RSA)   FS 256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH secp256r1 (eq. 3072 bits RSA)   FS 128
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 2048 bits   FS 256
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xccaa)   DH 2048 bits   FS 256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   DH 2048 bits   FS 128