www.chocolatesun.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:92:cf:75:ca:67:8b:2f:68:2a:b5:a5:45:5b:c3:c4:a6:61 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.chocolatesun.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:92:cf:75:ca:67:8b:2f:68:2a:b5:a5:45:5b:c3:c4:a6:61Serial Number (int): 311293845164847998170447324997479792158305
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 5a:83:53:d8:25:e1:93:14:56:22:c5:f6:78:49:ad:21:d4:4e:de:88
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b5:c9:41:c7:89:9c:38:77:c5:ce:66:6c:ab:f1:26:4e:68:16:5e:4e
Fingerprint (sha256): 71:f8:8f:ad:f9:27:75:e0:c9:86:78:43:a4:02:47:46:a8:c0:36:bd:bc:99:c4:65:c2:66:fa:6a:21:38:fa:d1
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.chocolatesun.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.chocolatesun.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.chocolatesun.com
Other certificates including the domain name chocolatesun.com
(limited to 100 certificates)
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
chocolatesun.com
www.chocolatesun.com
www.chocolatesun.com
chocolatesun.com
Certificate
The complete raw certificate details for www.chocolatesun.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISA5LPdcpniy9oKrWlRVvDxKZhMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEwMTAxOTE3NDFaFw0x ODAxMDgxOTE3NDFaMB8xHTAbBgNVBAMTFHd3dy5jaG9jb2xhdGVzdW4uY29tMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJYsD80m/K4FMxtrB4sHIRtJ N7UUGT8aoZ0rz+qhzL+xsQWJLJkRm0Qop/aahw2lhOIj58rOCtHtyafN6Oz2QZGY dO2vBj1NxdJgYbr0hfDBfS+vIhlHrokv+buHYWBe8HyDK8rsvGjBW/hfzsJeINd4 Ak3RMN4uU57afntE4hN65X0sic5WAbRKAL+l4RwVCyVtvNVoAgwMVtHspGBx8wz+ hzlXwT/ERZ3kFB5UrUhJm1F84NuvS6ZNCfA1a9pw1sSn2AJzu5FxS6VwqPAR2Sg9 RMI+5SCEMGLA0tk3jVCZYIEN4AgLnuTKrk4HaFA+XaN4SeU+rRc4v3HZTce5awID AQABo4ICFDCCAhAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRag1PYJeGTFFYixfZ4 Sa0h1E7eiDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEF BQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5j cnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5j cnlwdC5vcmcvMB8GA1UdEQQYMBaCFHd3dy5jaG9jb2xhdGVzdW4uY29tMIH+BgNV HSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcC ARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGb VGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5 aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0 aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcv cmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAE6jiT/2YLzECTWXl1KZqOrb fo3TiuQzAdKrxx4ABc677c+msbRdg3kcJfPmlZulssu1ivBn8MANgkhwv1A1qLsL TM8q0oFkqHqNOGF+hZ9Kq9AgrDDzTNzY4PyrjyJpXtJrnl4klMSLzIcAeUFX83aD EuyEICdxzF40m+0a+9H/LtyYagHb8d1UV2O6ONdLBu2CdJqCJ7DMpJoy94RJIwS/ wm7Cu2rcY+LSFvFHsIDU6nOK23XgWVJKeZgAx4Dy0CvMEfU2csr/NbwefFmEppxs bsnsBPVn1keB6i4deVvpo5FXmFKBqPGXdKTuaaHZqdAU5aAul2i4C2DFvisSGQk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJYsD80m/K4FMxtrB4sH IRtJN7UUGT8aoZ0rz+qhzL+xsQWJLJkRm0Qop/aahw2lhOIj58rOCtHtyafN6Oz2 QZGYdO2vBj1NxdJgYbr0hfDBfS+vIhlHrokv+buHYWBe8HyDK8rsvGjBW/hfzsJe INd4Ak3RMN4uU57afntE4hN65X0sic5WAbRKAL+l4RwVCyVtvNVoAgwMVtHspGBx 8wz+hzlXwT/ERZ3kFB5UrUhJm1F84NuvS6ZNCfA1a9pw1sSn2AJzu5FxS6VwqPAR 2Sg9RMI+5SCEMGLA0tk3jVCZYIEN4AgLnuTKrk4HaFA+XaN4SeU+rRc4v3HZTce5 awIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 311293845164847998170447324997479792158305 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-10 19:17:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-08 19:17:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.chocolatesun.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24816760403780597640188362410245955555708132636177542657285847815934429755967634951541198602272432216979722072532555388782178882060096530627434110610753089975318986954998671653697163955874970490481863924773188668621380062452558475555664744689642540949985472465723937839443555377410770070651297674536372473371670657525588644866094143815686733008090683370766631122786056939960405296988778911661941934655175162648869339048748490617847348343268795042163536352306591584271375240280539638468582468064346862394354906575139326863162089529953983872323413920065415657772953187553006473906423204182914953463804263735180346767723 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5a8353d825e193145622c5f67849ad21d44ede88 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chocolatesun.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004ea3893ff660bcc4093597975299a8eadb7e8dd38ae43301d2abc71e0005cebbedcfa6b1b45d83791c25f3e6959ba5b2cbb58af067f0c00d824870bf5035a8bb0b4ccf2ad28164a87a8d38617e859f4aabd020ac30f34cdcd8e0fcab8f22695ed26b9e5e2494c48bcc8700794157f3768312ec84202771cc5e349bed1afbd1ff2edc986a01dbf1dd545763ba38d74b06ed82749a8227b0cca49a32f784492304bfc26ec2bb6adc63e2d216f147b080d4ea738adb75e059524a799800c780f2d02bcc11f53672caff35bc1e7c5984a69c6c6ec9ec04f567d64781ea2e1d795be9a39157985281a8f19774a4ee69a1d9a9d014e5a02e9768b80b60c5be2b121909