Certificate Overview
Valid Host Names | Not matched | panel.myservr.org | |
---|---|---|---|
Expires | in 2 months | Valid after Jun 25, 2012 | |
Trust | Not trusted | The certificate was issued by CAcert Class 3 Root, which is not a trusted authority. This is most likely because the servers' certificate chain is not installed correctly. |
Security
Encryption Ciphers | OK | ||
---|---|---|---|
Public Key Size | 1024 bits | Key sizes 1024 bits or larger are considered secure. Be aware that unnecessarily large key sizes will slow down the connection establishment. | |
Secure Renegotiation | Yes | ||
Protocols | Insecure | Server supports SSLv2. This is a deprecated and insecure protocol which should be disabled. |
Performance
HTTP Keepalive | No | Enabling HTTP Keep-Alive will allow subsequent requests to be served faster, without the need to establish a new SSL/TLS connection. | |
---|---|---|---|
SSL Session Cache | Yes | ||
TLS Stateless Resume | Yes | ||
SSL Handshake Size | 1739 bytes | A smaller SSL handshake means a faster connection. Reducing the number & size of certificates in your chain, and reducing the size of the public key will reduce this. |
Encryption Ciphers (TLS/SSLv3)
Cipher | Strength | Algo | Key | KeyEx | Handshake | ||
---|---|---|---|---|---|---|---|
DES-CBC-SHA | Low | DES | 56-bit | RSA | 402ms | 1571 bytes | |
RC4-MD5 | Medium | RC4 | 128-bit | RSA | 405ms | 1555 bytes | |
RC4-SHA | Medium | RC4 | 128-bit | RSA | 406ms | 1563 bytes | |
AES128-SHA | High | AES | 128-bit | RSA | 403ms | 1587 bytes | |
DES-CBC3-SHA | High | 3DES | 168-bit | RSA | 392ms | 1571 bytes | |
AES256-SHA | High | AES | 256-bit | RSA | 388ms | 1587 bytes |