www.caynova.com

Issued by R3

About this certificate

This digital certificate with serial number 04:ea:21:83:3c:41:03:78:ec:1e:ae:7c:39:90:96:e6:91:82 was issued on by Let's Encrypt.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.caynova.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:ea:21:83:3c:41:03:78:ec:1e:ae:7c:39:90:96:e6:91:82
Serial Number (int): 428119763523385438746850109715295800562050
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 8e:cd:c0:57:0a:f6:66:63:89:03:c1:2a:a7:dc:c2:7e:61:bb:2e:d5
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 96:4d:d6:d7:2e:ce:1a:8e:c0:d8:f0:cb:32:02:eb:0b:cf:85:50:a7
Fingerprint (sha256): 24:49:9e:52:4e:23:3b:1b:bb:e2:be:af:90:45:bb:9f:01:55:5b:6e:b7:e0:44:fa:be:3f:2a:ef:5d:f2:a2:44

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.caynova.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.caynova.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

caynova.odoo.camptocamp.ch
lantal.odoo.camptocamp.ch
www.caynova.com

Other certificates including the domain name caynova.com

(limited to 100 certificates)
www.caynova.com
www.caynova.com

Certificate

The complete raw certificate details for www.caynova.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISBOohgzxBA3jsHq58OZCW5pGCMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMDYxMDIyMTVaFw0yNDA0MDUxMDIyMTRaMBoxGDAWBgNVBAMT
D3d3dy5jYXlub3ZhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALcONTRF5t41ZCuxaitvtGdf4qB2oaF7DCVnZH18thNH/XcY5t/si9mhu3Y550dX
moYE4d81YiWC/HrCwowQbchSdMuJDRAJWHLdxIreg9yNISuXffi37jYEShoS1bTN
TVtipmyd/n+JKvNc1h7mVYu+2BwacoZz29wSo71ASNxNnQOkDk4zVY8jUpaMojVe
cusTXmtdzf+Fi/BuPzTvBY3f+rgJDL6tOqFC8JIYQBsWOs5drUzOVEq8YZNLPSX/
aKU/7yqWsuouZMvUsr44izLyBd5jEyhm4vWYOhFi6kA89fnh7bmayTfXE93K7fpb
EHw/BwMJeF7fQsMw+ZZZ8ZcCAwEAAaOCAkkwggJFMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUjs3AVwr2ZmOJA8Eqp9zCfmG7LtUwHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wUQYDVR0RBEowSIIaY2F5bm92YS5vZG9vLmNhbXB0b2NhbXAuY2iCGWxhbnRh
bC5vZG9vLmNhbXB0b2NhbXAuY2iCD3d3dy5jYXlub3ZhLmNvbTATBgNVHSAEDDAK
MAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AKLiv9Ye3i8vB6DW
Tm03p9xlQ7DGtS6i2reK+Jpt9RfYAAABjN6CYWUAAAQDAEgwRgIhAJkgaJ3fVXpw
o/TVr5pYmLiNOct1XqBnLdl7ce6T8ChqAiEAireVH7HGS8lCwaOv5/BPB9i6PZDt
JbmRpwmE4umzxscAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAA
AYzegmFnAAAEAwBHMEUCIGPfCSNG/YV3PddlkJXMaLa2AEgcXSzW2iN23Gbjv3y+
AiEAh90AqMtunoQaqPovPcSMd6fhj2cE3YeklAJj9gIXlbswDQYJKoZIhvcNAQEL
BQADggEBAJkGR69OVcvqDI5P0nspXeX/z83cDhG0M+Lhggs4NMos3lfm6MDfe+T/
968p0MEEdpkOZohDSgNbV1zV+IxlbZUvz6QmQa2F7cNCGccInwR36ztgj9hGxIkO
5A29sB3gKkS+pvxpej1bMKeJFu51PfAzFrdn/u0z3DxQxa67mydf+Nf7WO3HAcYh
HJE8x5KF6jJcUFbdZcrkkxyIh5uGh3sH5un5RbFQmu5FBRtA85Ay+aGwzhn8/DXg
kPV1exG+8Ht88M01nBqSqkcPJfaj0EvCZ33xSqps7EzJqJbZDU17rV6OIPVc3qMm
vOAzAK6AkYFN3U8bOOly9+/75NtR7Tg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw41NEXm3jVkK7FqK2+0
Z1/ioHahoXsMJWdkfXy2E0f9dxjm3+yL2aG7djnnR1eahgTh3zViJYL8esLCjBBt
yFJ0y4kNEAlYct3Eit6D3I0hK5d9+LfuNgRKGhLVtM1NW2KmbJ3+f4kq81zWHuZV
i77YHBpyhnPb3BKjvUBI3E2dA6QOTjNVjyNSloyiNV5y6xNea13N/4WL8G4/NO8F
jd/6uAkMvq06oULwkhhAGxY6zl2tTM5USrxhk0s9Jf9opT/vKpay6i5ky9SyvjiL
MvIF3mMTKGbi9Zg6EWLqQDz1+eHtuZrJN9cT3crt+lsQfD8HAwl4Xt9CwzD5llnx
lwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 428119763523385438746850109715295800562050
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-06 10:22:15 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-05 10:22:14 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.caynova.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23108615950328724292352448171589068004014438273230404347966806394015319692644133156132066688552214136960201864360285789975492098738077666958036632923974986068222865470254248806656493446998683994159920791493975723239043871867619847468299376061711580860761982881306370740880653239290537186520805301933168539400336633553555165150068577715548587736205610368886061950525136422210507934773661912359479429196635875195572778368399496851486239796791072792269373080449698691709808043989295370308511961466969216456485620706291241049000154912764246927688666601664548188797751554735135461150433794382059000731657618257850721235351
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8ecdc0570af666638903c12aa7dcc27e61bb2ed5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'caynova.odoo.camptocamp.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lantal.odoo.camptocamp.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.caynova.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018cde82616500000403004830460221009920689ddf557a70a3f4d5af9a5898b88d39cb755ea0672dd97b71ee93f0286a0221008ab7951fb1c64bc942c1a3afe7f04f07d8ba3d90ed25b991a70984e2e9b3c6c7007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cde8261670000040300473045022063df092346fd85773dd7659095cc68b6b600481c5d2cd6da2376dc66e3bf7cbe02210087dd00a8cb6e9e841aa8fa2f3dc48c77a7e18f6704dd87a4940263f6021795bb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00990647af4e55cbea0c8e4fd27b295de5ffcfcddc0e11b433e2e1820b3834ca2cde57e6e8c0df7be4fff7af29d0c10476990e6688434a035b575cd5f88c656d952fcfa42641ad85edc34219c7089f0477eb3b608fd846c4890ee40dbdb01de02a44bea6fc697a3d5b30a78916ee753df03316b767feed33dc3c50c5aebb9b275ff8d7fb58edc701c6211c913cc79285ea325c5056dd65cae4931c88879b86877b07e6e9f945b1509aee45051b40f39032f9a1b0ce19fcfc35e090f5757b11bef07b7cf0cd359c1a92aa470f25f6a3d04bc2677df14aaa6cec4cc9a896d90d4d7bad5e8e20f55cdea326bce03300ae8091814ddd4f1b38e972f7effbe4db51ed38