webmail.sito.fi
Issued by GeoTrust DV SSL CA - G4
About this certificate
This digital certificate with serial number d3:35 was issued on by GeoTrust Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=webmail.sito.fi,OU=GT37592683+OU=See www.geotrust.com/resources/cps (c)15+OU=Domain Control Validated - QuickSSL(R) Premium
GeoTrust Inc.
Organization:
GeoTrust Inc.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): d3:35Serial Number (int): 54069
Serial Number lenght: 16 bits, 2 octets
SubjectKeyId:
AuthorityKeyId: 0b:50:ec:77:ef:2a:9b:ff:ec:03:a1:0a:ff:ad:c6:e4:2a:18:c7:3e
Fingerprint (sha1): 3f:76:87:59:01:53:1d:74:41:8b:f7:ed:47:6a:c5:71:31:2b:39:64
Fingerprint (sha256): 3d:9d:af:1d:1c:44:0e:fc:dc:cc:d0:0e:78:dc:69:45:de:0c:5f:0b:94:e5:0f:67:50:27:66:91:0f:68:e0:85
Issuing Certificate URL: http://gu.symcb.com/gu.crt
Revocation information
OCSP Server: http://gu.symcd.comCRL Distribution Point: http://gu.symcb.com/gu.crl
Check the revocation status for certificate webmail.sito.fi
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for webmail.sito.fi
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
autodiscover.sito.fi
webmail.sito.fi
webmail.sito.fi
Other certificates including the domain name sito.fi
(limited to 100 certificates)
*.sito.fi
www.sito.fi
kaiku.sito.fi
benviroc.com
benviroc.com
uutiskirje.sito.fi
*.sito.fi
webmail.sito.fi
webmail.sito.fi
benviroc.com
kaiku.sito.fi
kaiku.sito.fi
*.sito.fi
kaiku.sito.fi
kaiku.sito.fi
kaiku.sito.fi
kaiku.sito.fi
webmail.sito.fi
benviroc.com
*.sito.fi
kaiku.sito.fi
mail.sito.fi
kaiku.sito.fi
kaikukartta.sito.fi
webmail.sito.fi
www.sito.fi
www.sito.fi
*.sito.fi
benviroc.com
kaiku.sito.fi
sip.sito.fi
benviroc.com
ucwsext.sito.fi
*.sito.fi
kaiku.sito.fi
www.sito.fi
www.sito.fi
kaiku.sito.fi
benviroc.com
benviroc.com
uutiskirje.sito.fi
*.sito.fi
webmail.sito.fi
webmail.sito.fi
benviroc.com
kaiku.sito.fi
kaiku.sito.fi
*.sito.fi
kaiku.sito.fi
kaiku.sito.fi
kaiku.sito.fi
kaiku.sito.fi
webmail.sito.fi
benviroc.com
*.sito.fi
kaiku.sito.fi
mail.sito.fi
kaiku.sito.fi
kaikukartta.sito.fi
webmail.sito.fi
www.sito.fi
www.sito.fi
*.sito.fi
benviroc.com
kaiku.sito.fi
sip.sito.fi
benviroc.com
ucwsext.sito.fi
*.sito.fi
kaiku.sito.fi
www.sito.fi
Certificate
The complete raw certificate details for webmail.sito.fi in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIDANM1MA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQLExREb21haW4gVmFsaWRh dGVkIFNTTDEgMB4GA1UEAxMXR2VvVHJ1c3QgRFYgU1NMIENBIC0gRzQwHhcNMTUw MzA0MDgxMDE3WhcNMTcwMzA1MTY1MTI1WjCBmzETMBEGA1UECxMKR1QzNzU5MjY4 MzExMC8GA1UECxMoU2VlIHd3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL2NwcyAo YykxNTE3MDUGA1UECxMuRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkIC0gUXVpY2tT U0woUikgUHJlbWl1bTEYMBYGA1UEAxMPd2VibWFpbC5zaXRvLmZpMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wooNA/ChybgoOv+jZZMAVqSG7EsOvea JgAmsYzWzucNI9zSTAWnA0NybvIwNDwQ36bJVzV+k5F8F+SCOXd6iQJRJoj8BsUM r7CCYTnE4yD2RBiAJYPNyDQCIN4DYKCE+9huDHqGvJ55YdQOwZmOHyi3tq67jqQU AbgPc0iD5452NsRbKIdqA4fnFTxxPvYJnIvz5VqYL47qbUKH+zQhu2ZGxOBJlNC+ PMc7JtW+/csalJ3dstHbq/Jy7TnF4XVg2F3E6a9B4ZHW6LWuYoSItFUeGKVLPE5D idFHvzOuRTjHsUaqD87PY/8pqwBVML/bsWMsCE6Zf7xtzPKPrIeW5QIDAQABo4IB djCCAXIwHwYDVR0jBBgwFoAUC1Dsd+8qm//sA6EK/63G5CoYxz4wVwYIKwYBBQUH AQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vZ3Uuc3ltY2QuY29tMCYGCCsGAQUF BzAChhpodHRwOi8vZ3Uuc3ltY2IuY29tL2d1LmNydDAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDAGA1UdEQQpMCeCFGF1dG9k aXNjb3Zlci5zaXRvLmZpgg93ZWJtYWlsLnNpdG8uZmkwKwYDVR0fBCQwIjAgoB6g HIYaaHR0cDovL2d1LnN5bWNiLmNvbS9ndS5jcmwwDAYDVR0TAQH/BAIwADBaBgNV HSAEUzBRME8GCmCGSAGG+EUBBzYwQTA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cu Z2VvdHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMA0GCSqGSIb3 DQEBCwUAA4IBAQC7Nhoa7NBP0xRHCSdmqtXC0fjhe5wVmaMjls9KGDm30JMAjaBB +m55lUsAUsrU3aNN0VJFXgtiFqgH9t2o9RjBrQsBKruoD7s2xcJ/3nRDnOoChqmk VgqHwSp22zVcfcDctZQF8Z0fdHgycGFuzHRDByGDPO/WdAqWgxTEQwJe3wtmUgPR ZV+0sHyLEKzjNTPaghojGOOo3IDMPRoGhMdVcCtlary6j2KaHsqle8hl+gGs/6rC Sdnp6BmJi9WH6wg/9mXkkWtKMneQC+FfLYsHAYPXrRGdfwWQeb1EYVw5eG1ys9Tw 4we6xA5h5kmaEqNaoH/GgeMOqS8voazrHm2n -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wooNA/ChybgoOv+jZZM AVqSG7EsOveaJgAmsYzWzucNI9zSTAWnA0NybvIwNDwQ36bJVzV+k5F8F+SCOXd6 iQJRJoj8BsUMr7CCYTnE4yD2RBiAJYPNyDQCIN4DYKCE+9huDHqGvJ55YdQOwZmO Hyi3tq67jqQUAbgPc0iD5452NsRbKIdqA4fnFTxxPvYJnIvz5VqYL47qbUKH+zQh u2ZGxOBJlNC+PMc7JtW+/csalJ3dstHbq/Jy7TnF4XVg2F3E6a9B4ZHW6LWuYoSI tFUeGKVLPE5DidFHvzOuRTjHsUaqD87PY/8pqwBVML/bsWMsCE6Zf7xtzPKPrIeW 5QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 54069 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust DV SSL CA - G4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-03-04 08:10:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-05 16:51:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GT37592683' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.geotrust.com/resources/cps (c)15' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated - QuickSSL(R) Premium' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'webmail.sito.fi' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28156150632696954229283468262367602022658117415737043422912614716216328571552234260973287015649233597491758792236022765521043079998553769270772106907685417659791391138796607966412625646207683140647490980236129773500616546241593112971671542532116839274772135247875903834280335326624570477363073902392759494494027510319034338217666973342108319324001327387550636446267214001134855644267176062789937914724837227974969737730802141545046670102075361505119845119674447361202148622596446940381825598361906513995746046574764197240310470603013961826030693168546193441769301099810032592946377024849117267873308080924721081194213 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0b50ec77ef2a9bffec03a10affadc6e42a18c73e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gu.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gu.symcb.com/gu.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.sito.fi' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.sito.fi' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gu.symcb.com/gu.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bb361a1aecd04fd31447092766aad5c2d1f8e17b9c1599a32396cf4a1839b7d093008da041fa6e79954b0052cad4dda34dd152455e0b6216a807f6dda8f518c1ad0b012abba80fbb36c5c27fde74439cea0286a9a4560a87c12a76db355c7dc0dcb59405f19d1f74783270616ecc74430721833cefd6740a968314c443025edf0b665203d1655fb4b07c8b10ace33533da821a2318e3a8dc80cc3d1a0684c755702b656abcba8f629a1ecaa57bc865fa01acffaac249d9e9e819898bd587eb083ff665e4916b4a3277900be15f2d8b070183d7ad119d7f059079bd44615c39786d72b3d4f0e307bac40e61e6499a12a35aa07fc681e30ea92f2fa1aceb1e6da7