Certificate Overview
| Valid Host Names | Matched | *.xn--d1acpjx3f.xn--p1ai yandex.net yandex.tj yandex.com yandex.com.ua yandex.org *.yandex.fr yandex.ru *.yandex.uz yandex.jobs yandex.com.ru yandex.uz *.yandex.kg yandex.az yandex.com.tr *.yandex.md yandex.co.il yandex.aero *.yandex.tj *.yandex.com.tr *.yandex.com.am *.yandex.com.ru *.yandex.com *.yandex.ru yandex.com.ge yandex.ee yandex.lv yandex.lt *.yandex.com.ua *.yandex.co.il *.yandex.az yandex.by yandex.ua yandex.tm *.yandex.lv *.ya.ru *.yandex.lt yandex.de *.yandex.ua *.yandex.ee yandex.kz *.yandex.by *.yandex.aero *.yandex.net *.yandex.tm ya.ru yandex.com.am yandex.md *.yandex.org *.yandex.kz yandex.fr yandex.kg xn--d1acpjx3f.xn--p1ai *.yandex.de *.yandex.com.ge *.yandex.jobs | |
|---|---|---|---|
| Expires | in 2 months | Valid after Oct 1, 2020 | |
| Trust | Trusted | The certificate was issued by Yandex CA |
Security
| Encryption Ciphers | Weak | Weak encryption ciphers are supported. These are deprecated, and their removal will offer increased security. | |
|---|---|---|---|
| Public Key Size | 256 bits | Key sizes 1024 bits or larger are considered secure. Be aware that unnecessarily large key sizes will slow down the connection establishment. | |
| Secure Renegotiation | Yes | ||
| Protocols | TLSv1, TLSv1.1, TLSv1.2, TLSv1.3 | Server supports TLSv1 and / or TLSv1.1. These are deprecated protocols and should be phased out where possible. |
Performance
| HTTP Keepalive | No | Enabling HTTP Keep-Alive will allow subsequent requests to be served faster, without the need to establish a new SSL/TLS connection. | |
|---|---|---|---|
| SSL Handshake Size | 5442 bytes | The amount of data exchanged to establish a session with this server is large. This will result in a slower initial connection. Using a certificate with fewer intermediate chains and / or a smaller public key size can reduce the amount of data. |
Encryption Ciphers
| Cipher | Strength | Algo | Key | KeyEx | Handshake | ||
|---|---|---|---|---|---|---|---|
| TLS_AES_256_GCM_SHA384 | TLSv1.3 | High | AESGCM | 256-bit | any | 293ms | 5322 bytes |
| TLS_CHACHA20_POLY1305_SHA256 | TLSv1.3 | High | CHACHA20/POLY1305 | 256-bit | any | 301ms | 5290 bytes |
| TLS_AES_128_GCM_SHA256 | TLSv1.3 | High | AESGCM | 128-bit | any | 298ms | 5290 bytes |
| ECDHE-ECDSA-AES256-GCM-SHA384 | TLSv1.2 | High | AESGCM | 256-bit | ECDH | 419ms | 5332 bytes |
| ECDHE-RSA-AES256-GCM-SHA384 | TLSv1.2 | High | AESGCM | 256-bit | ECDH | 382ms | 5709 bytes |
| ECDHE-ECDSA-CHACHA20-POLY1305 | TLSv1.2 | High | CHACHA20/POLY1305 | 256-bit | ECDH | 420ms | 5315 bytes |
| ECDHE-RSA-CHACHA20-POLY1305 | TLSv1.2 | High | CHACHA20/POLY1305 | 256-bit | ECDH | 420ms | 5693 bytes |
| ECDHE-ECDSA-AES128-GCM-SHA256 | TLSv1.2 | High | AESGCM | 128-bit | ECDH | 381ms | 5330 bytes |
| ECDHE-RSA-AES128-GCM-SHA256 | TLSv1.2 | High | AESGCM | 128-bit | ECDH | 430ms | 5709 bytes |
| ECDHE-ECDSA-AES128-CCM8 | TLSv1.2 | High | AESCCM8 | 128-bit | ECDH | 423ms | 5316 bytes |
| ECDHE-ECDSA-AES128-CCM | TLSv1.2 | High | AESCCM | 128-bit | ECDH | 429ms | 5331 bytes |
| ECDHE-ECDSA-AES128-SHA256 | TLSv1.2 | High | AES | 128-bit | ECDH | 380ms | 5415 bytes |
| ECDHE-RSA-AES128-SHA256 | TLSv1.2 | High | AES | 128-bit | ECDH | 415ms | 5793 bytes |
| ECDHE-RSA-AES128-SHA | TLSv1 | High | AES | 128-bit | ECDH | 415ms | 5683 bytes |
| AES128-GCM-SHA256 | TLSv1.2 | High | AESGCM | 128-bit | RSA | 381ms | 5597 bytes |
| AES128-CCM8 | TLSv1.2 | High | AESCCM8 | 128-bit | RSA | 414ms | 5581 bytes |
| AES128-CCM | TLSv1.2 | High | AESCCM | 128-bit | RSA | 417ms | 5597 bytes |
| AES128-SHA256 | TLSv1.2 | High | AES | 128-bit | RSA | 404ms | 5681 bytes |
| DES-CBC3-SHA | SSLv3 | Low | 3DES | 168-bit | RSA | 282ms | 5533 bytes |