www.cchosp.com
- THE CHESTER COUNTY HOSPITAL -
Issued by Thawte SGC CA - G2
About this certificate
This digital certificate with serial number 78:f6:e4:37:09:e8:4e:64:9b:ba:df:0d:97:24:7a:52 was issued on by Thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
- Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)
THE CHESTER COUNTY HOSPITAL
Organization:
THE CHESTER COUNTY HOSPITAL
Organization unit: Information Technology
Organization unit: Information Technology
State / Province:
Pennsylvania
Locality: West Chester
Country: US
Locality: West Chester
Country: US
Thawte, Inc.
Organization:
Thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 78:f6:e4:37:09:e8:4e:64:9b:ba:df:0d:97:24:7a:52Serial Number (int): 160789293271394249289494874410186996306
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 24:c0:c0:a4:49:3c:52:0b:12:d8:92:0c:51:d1:87:a7:4d:54:75:2c
Fingerprint (sha1): d1:aa:eb:49:0d:da:e3:68:96:aa:08:26:2f:c1:a9:90:5b:be:fc:48
Fingerprint (sha256): 30:56:29:72:29:f7:07:e7:86:01:1d:45:9e:e5:82:33:71:aa:44:cd:eb:9e:52:c1:58:73:34:ae:f7:9b:89:3e
Issuing Certificate URL: http://svr-sgc-aia.thawte.com/ThawteSGCG2.cer
Revocation information
OCSP Server: http://ocsp.thawte.comCRL Distribution Point: http://svr-sgc-crl.thawte.com/ThawteSGCG2.crl
Check the revocation status for certificate www.cchosp.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cchosp.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Netscape Server-Gated Cryptography
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.cchosp.com
Other certificates including the domain name cchosp.com
(limited to 100 certificates)
imperva.com
OncologyPortal.cchosp.com
imperva.com
portal.cchosp.com
imperva.com
www.cchosp.com
webmail.cchosp.com
vpn.cchosp.com
imperva.com
www.cchosp.com
cchosp.com
www.cchosp.com
imperva.com
webmail.cchosp.com
www.cchosp.com
imperva.com
mail.cchosp.com
kfhelp.cchosp.com
imperva.com
imperva.com
imperva.com
www.cchosp.com
cchosp.com
cchosp.com
imperva.com
portal.cchosp.com
www.cchosp.com
imperva.com
apps.cchosp.com
imperva.com
imperva.com
imperva.com
imperva.com
portal.cchosp.com
imperva.com
OncologyPortal.cchosp.com
imperva.com
portal.cchosp.com
imperva.com
www.cchosp.com
webmail.cchosp.com
vpn.cchosp.com
imperva.com
www.cchosp.com
cchosp.com
www.cchosp.com
imperva.com
webmail.cchosp.com
www.cchosp.com
imperva.com
mail.cchosp.com
kfhelp.cchosp.com
imperva.com
imperva.com
imperva.com
www.cchosp.com
cchosp.com
cchosp.com
imperva.com
portal.cchosp.com
www.cchosp.com
imperva.com
apps.cchosp.com
imperva.com
imperva.com
imperva.com
imperva.com
portal.cchosp.com
imperva.com
Certificate
The complete raw certificate details for www.cchosp.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIQePbkNwnoTmSbut8NlyR6UjANBgkqhkiG9w0BAQUFADBB MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRswGQYDVQQDExJU aGF3dGUgU0dDIENBIC0gRzIwHhcNMTIxMTEzMDAwMDAwWhcNMTUwMTA2MjM1OTU5 WjCBmzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBlbm5zeWx2YW5pYTEVMBMGA1UE BxQMV2VzdCBDaGVzdGVyMSQwIgYDVQQKFBtUSEUgQ0hFU1RFUiBDT1VOVFkgSE9T UElUQUwxHzAdBgNVBAsUFkluZm9ybWF0aW9uIFRlY2hub2xvZ3kxFzAVBgNVBAMU Dnd3dy5jY2hvc3AuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA t/4K/OF/Gx2Y4VIn708e1s++z+4pu8i1XolKyd0K1HHHX8b2pzO2ANseWdCqwmyR Y99cR48Btql048doWyoVaON4B1bPEanGvNx93WI0MKG67bJ5+B94rviClgvDtSK9 WB3xvn/TZDJ4n/+BUZAoXTfhs3ZO2HgYKhLse4rnL3BLhhT3S5OjYU47FbWvOXRc /ecRiknbO1HCM/FI8sq8Xt9Y2Dxdgde5q/E2uWIRROTOWZiY+ICDxAq6nhg6+X6M B9/e6y87/G4XeZuI2wx23omuyduIloREIB46niLpsRbfUWtWZL0uIv6LQvncOwGA qSr3Qz+f9RQNSufqhDh9fQIDAQABo4IBdzCCAXMwGQYDVR0RBBIwEIIOd3d3LmNj aG9zcC5jb20wCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwQQYDVR0gBDowODA2 BgpghkgBhvhFAQc2MCgwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5j b20vY3BzMB8GA1UdIwQYMBaAFCTAwKRJPFILEtiSDFHRh6dNVHUsMD4GA1UdHwQ3 MDUwM6AxoC+GLWh0dHA6Ly9zdnItc2djLWNybC50aGF3dGUuY29tL1RoYXd0ZVNH Q0cyLmNybDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIE ATBtBggrBgEFBQcBAQRhMF8wIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0 ZS5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9zdnItc2djLWFpYS50aGF3dGUuY29t L1RoYXd0ZVNHQ0cyLmNlcjANBgkqhkiG9w0BAQUFAAOCAQEAi89nPQR4RqLqqaTO o84GNjHWT4ks+k9f8Em5cIFM9yFv83ol9r76sQNk/ZEcl8HE5S/pUK7OS0zIisR6 6UeAHnQBidwQq2xWZ7m7KmbWYly9mMC8DE7BQZqhu40aNsdld0sqCjAP8G4y4iKS VTPmGBoreUg8ndqFBtKVJlKMnBSwzpiSs/IvWBz6nWb9gt6THafztaGsC+MO4ZYH NyfsLoNAIG4ZZfWceNraZRroSy4WKDlIuhwb7qwh34uZzMkoAJ4Y9Sk3ZCfXAVGq KpwAZ/kU3H/nT50iWMJ3BX+Q2dRAXByeCya5T5IYwyFE18VB3osBQIQoeD+NAqJC XLVcKw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/4K/OF/Gx2Y4VIn708e 1s++z+4pu8i1XolKyd0K1HHHX8b2pzO2ANseWdCqwmyRY99cR48Btql048doWyoV aON4B1bPEanGvNx93WI0MKG67bJ5+B94rviClgvDtSK9WB3xvn/TZDJ4n/+BUZAo XTfhs3ZO2HgYKhLse4rnL3BLhhT3S5OjYU47FbWvOXRc/ecRiknbO1HCM/FI8sq8 Xt9Y2Dxdgde5q/E2uWIRROTOWZiY+ICDxAq6nhg6+X6MB9/e6y87/G4XeZuI2wx2 3omuyduIloREIB46niLpsRbfUWtWZL0uIv6LQvncOwGAqSr3Qz+f9RQNSufqhDh9 fQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 160789293271394249289494874410186996306 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SGC CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-11-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-01-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'West Chester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'THE CHESTER COUNTY HOSPITAL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Information Technology' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'www.cchosp.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23226883042207846022839237629451689197133838373384986016730319265141208843795842074811960740007011732875825243828239636671108438981091643350077254898052207435134343974081665144692985866555679111694993736008529298412914987433350864010829877013380334081660563689696053301689002731108251375261093592433948688772038868241723969007106592327045565844404890581470210233240667346134611031415191390094512741579831798062761897068116109658260320680661306432830757839246021414510896433417669861962311400542266151663309166494577962800776122917391293871464232867186911728557006583407015297583104550758450892997382455569553718541693 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cchosp.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 24c0c0a4493c520b12d8920c51d187a74d54752c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-sgc-crl.thawte.com/ThawteSGCG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113730.4.1 (serverGatedCrypto) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-sgc-aia.thawte.com/ThawteSGCG2.cer' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008bcf673d047846a2eaa9a4cea3ce063631d64f892cfa4f5ff049b970814cf7216ff37a25f6befab10364fd911c97c1c4e52fe950aece4b4cc88ac47ae947801e740189dc10ab6c5667b9bb2a66d6625cbd98c0bc0c4ec1419aa1bb8d1a36c765774b2a0a300ff06e32e222925533e6181a2b79483c9dda8506d29526528c9c14b0ce9892b3f22f581cfa9d66fd82de931da7f3b5a1ac0be30ee196073727ec2e8340206e1965f59c78dada651ae84b2e16283948ba1c1beeac21df8b99ccc928009e18f529376427d70151aa2a9c0067f914dc7fe74f9d2258c277057f90d9d4405c1c9e0b26b94f9218c32144d7c541de8b01408428783f8d02a2425cb55c2b