two.sse.hewitt.com

Issued by GeoTrust SSL CA

About this certificate


This digital certificate with serial number 03:14:ca was issued on by GeoTrust, Inc. .

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

Cerificate errors/warnings *beta

  • ERROR: businessCategory is required for [EV] certificates
  • ERROR: jurisdictionCountryName is required for [EV] certificates

Hewitt Associates LLC

Company registration number: U-fyd0Nyufzq6ejJiFEOJEYYcfSUhmTq
Organization: Hewitt Associates LLC
Organization unit: TSS
State / Province: Illinois
Locality: LINCOLNSHIRE
Country: US

GeoTrust, Inc.

Organization: GeoTrust, Inc.
State / Province: Illinois
Locality: LINCOLNSHIRE
Country: US

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 03:14:ca
Serial Number (int): 201930
Serial Number lenght: 18 bits, 3 octets

SubjectKeyId: ea:4e:b9:ec:b1:d4:5a:1d:88:59:6f:08:f4:91:ea:e5:65:4e:8b:17
AuthorityKeyId: 42:79:54:1b:61:cd:55:2b:3e:63:d5:3c:48:57:f5:9f:fb:45:ce:4a

Fingerprint (sha1): 98:1a:d8:08:40:bc:47:88:66:7c:7c:41:12:a0:59:9d:ed:d1:e1:7b
Fingerprint (sha256): 98:03:45:99:42:70:28:57:07:7b:37:ca:e8:87:75:8c:e8:75:43:3e:c8:0a:93:09:0c:d2:b3:5c:e2:3e:63:09

Issuing Certificate URL: http://gtssl-aia.geotrust.com/gtssl.crt

Revocation information

OCSP Server: http://gtssl-ocsp.geotrust.com
CRL Distribution Point: http://gtssl-crl.geotrust.com/crls/gtssl.crl

Check the revocation status for the current certificate on two.sse.hewitt.com
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: two.sse.hewitt.com

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgIDAxTKMA0GCSqGSIb3DQEBBQUAMEAxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEYMBYGA1UEAxMPR2VvVHJ1c3QgU1NM IENBMB4XDTE1MDYwMTAwMDIwNloXDTE2MTIzMTEyMDMzMlowga0xKTAnBgNVBAUT IFUtZnlkME55dWZ6cTZlakppRkVPSkVZWWNmU1VobVRxMQswCQYDVQQGEwJVUzER MA8GA1UECBMISWxsaW5vaXMxFTATBgNVBAcTDExJTkNPTE5TSElSRTEeMBwGA1UE ChMVSGV3aXR0IEFzc29jaWF0ZXMgTExDMQwwCgYDVQQLEwNUU1MxGzAZBgNVBAMT EnR3by5zc2UuaGV3aXR0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJuXGbTVICwAMJHZo7poprrQIZeO0O9YW7o36pkSdBgzDgsmu6neLCeDyeut cSy2ZrAzFxvGQ1TFTjpd2BdS6IS7/s8B9RGHTcO5rVZZ/NetOgImBIdGpgEtIYNx ZNWrYzp8J0pN1sPhd4XWMYoOc06IihohTs4Xej57Mx8PsJC9X5aXZpenHRCHtD8+ uQQUS5fgWxv05romWQ5k1lQmuTGjzgl/g0gDMyHVWtwgqxUML4154myp8TQmA6FD nPj2ir0PQPUno6DUSS5BmhiP4SkBjqfk+Y3Na41bhazk8MuTRYEnF7VyAdjAqM8F +mH1n4zLvyqbkFyRnqOjAssN1r0CAwEAAaOCAZ4wggGaMB8GA1UdIwQYMBaAFEJ5 VBthzVUrPmPVPEhX9Z/7Rc5KMA4GA1UdDwEB/wQEAwIEsDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0RBBYwFIISdHdvLnNzZS5oZXdpdHQuY29t MD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9ndHNzbC1jcmwuZ2VvdHJ1c3QuY29t L2NybHMvZ3Rzc2wuY3JsMB0GA1UdDgQWBBTqTrnssdRaHYhZbwj0kerlZU6LFzAM BgNVHRMBAf8EAjAAMG8GCCsGAQUFBwEBBGMwYTAqBggrBgEFBQcwAYYeaHR0cDov L2d0c3NsLW9jc3AuZ2VvdHJ1c3QuY29tMDMGCCsGAQUFBzAChidodHRwOi8vZ3Rz c2wtYWlhLmdlb3RydXN0LmNvbS9ndHNzbC5jcnQwTAYDVR0gBEUwQzBBBgpghkgB hvhFAQc2MDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jl c291cmNlcy9jcHMwDQYJKoZIhvcNAQEFBQADggEBAAS0eUSO60XkNuOLboxpN+5K WxV1cZoe+N1WIfoOY3JFEUCJ0oWEw1a+4EVBqxXbLLoTP6e/o9sq1ipwqQ18cWnh u681pBUryZ9UNKKHY91w8bOaf9gPmc2fgh8F1/5eYc55NMojknRyuGNYgInHiAnY XsDlWPxRzBEeijx4jMCrHvjhdkuejSaCbcKUcd+5hNOgXGAcyE9QSThmX+fE1rPA En+cg9Ngw4z7NTVUkaBk9HNcBab/VbgxC/EK049gQEt7oWUvMhkcujvjPyso9jyu OoEnW8+WR36eRZiDuFCXE5uSdMlSes8bJ6RvVydVDx0eBfiFYoeqFf0r+UDwmso= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5cZtNUgLAAwkdmjumim utAhl47Q71hbujfqmRJ0GDMOCya7qd4sJ4PJ661xLLZmsDMXG8ZDVMVOOl3YF1Lo hLv+zwH1EYdNw7mtVln81606AiYEh0amAS0hg3Fk1atjOnwnSk3Ww+F3hdYxig5z ToiKGiFOzhd6PnszHw+wkL1flpdml6cdEIe0Pz65BBRLl+BbG/TmuiZZDmTWVCa5 MaPOCX+DSAMzIdVa3CCrFQwvjXnibKnxNCYDoUOc+PaKvQ9A9SejoNRJLkGaGI/h KQGOp+T5jc1rjVuFrOTwy5NFgScXtXIB2MCozwX6YfWfjMu/KpuQXJGeo6MCyw3W vQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 201930 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-06-01 00:02:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-31 12:03:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U-fyd0Nyufzq6ejJiFEOJEYYcfSUhmTq' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LINCOLNSHIRE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hewitt Associates LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TSS' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'two.sse.hewitt.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19641447661679886434080667856846179996360664753636678629556682210341073390787043517787060295940131178955769106567990247564974728584559451576864602795970539633873487575513536513843777171595362173832737627996347719692846103030638103652103250434255010146495250261500486131725860023787625340701813634653135937940492025096661560480128048984009092422959526848189473582124717117171326939951104549136111842180507103153935460518116702097423149601693222868878316861315057635981094472054553653756241762014241572404091984170961132503585837345097389682932163130854664496272579010407022360807793176655082774439715129368180238964413 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4279541b61cd552b3e63d53c4857f59ffb45ce4a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'two.sse.hewitt.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-crl.geotrust.com/crls/gtssl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ea4eb9ecb1d45a1d88596f08f491eae5654e8b17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-ocsp.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-aia.geotrust.com/gtssl.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.geotrust.com/resources/cps' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0004b479448eeb45e436e38b6e8c6937ee4a5b1575719a1ef8dd5621fa0e637245114089d28584c356bee04541ab15db2cba133fa7bfa3db2ad62a70a90d7c7169e1bbaf35a4152bc99f5434a28763dd70f1b39a7fd80f99cd9f821f05d7fe5e61ce7934ca23927472b863588089c78809d85ec0e558fc51cc111e8a3c788cc0ab1ef8e1764b9e8d26826dc29471dfb984d3a05c601cc84f504938665fe7c4d6b3c0127f9c83d360c38cfb35355491a064f4735c05a6ff55b8310bf10ad38f60404b7ba1652f32191cba3be33f2b28f63cae3a81275bcf96477e9e459883b85097139b9274c9527acf1b27a46f5727550f1d1e05f8856287aa15fd2bf940f09aca