www.hmhealthsolutions.com
- Highmark -
Issued by thawte SHA256 SSL CA
About this certificate
This digital certificate with serial number 7b:0b:2b:23:dc:2a:ab:db:61:4e:12:cb:61:7f:79:dd was issued on by thawte, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Highmark
Organization:
Highmark
State / Province:
Pennsylvania
Locality: Pittsburgh
Country: US
Locality: Pittsburgh
Country: US
thawte, Inc.
Organization:
thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 7b:0b:2b:23:dc:2a:ab:db:61:4e:12:cb:61:7f:79:ddSerial Number (int): 163553033731725469108798964111046048221
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 2b:9a:35:ae:01:18:38:30:e1:70:7a:05:e0:11:76:a3:ce:bd:90:14
Fingerprint (sha1): 33:ed:55:64:72:52:35:9c:de:dd:c4:1d:8b:2f:4d:0d:b7:0c:b3:4d
Fingerprint (sha256): 74:00:01:66:9b:04:58:26:08:3c:13:1b:d8:05:98:1d:f2:82:7b:06:bf:ef:47:63:4e:9a:39:6c:4e:86:92:fa
Issuing Certificate URL: http://tg.symcb.com/tg.crt
Revocation information
OCSP Server: http://tg.symcd.comCRL Distribution Point: http://tg.symcb.com/tg.crl
Check the revocation status for certificate www.hmhealthsolutions.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.hmhealthsolutions.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.hmhs.com
www.hmhealthsolutions.com
www.hmhealthsolutions.com
Other certificates including the domain name hmhealthsolutions.com
(limited to 100 certificates)
www.hmhealthsolutions.com
www.hmhealthsolutions.com
lyncproxypool.highmark.com
owa.hmhs.com
lyncproxypool.highmark.com
www.hmhealthsolutions.com
www.hmhealthsolutions.com
owa.hmhs.com
lyncwebextBR.hmhs.com
client.hmhs.com
client.hmhs.com
www.hmhealthsolutions.com
sipaccess.highmark.com
www.hmhealthsolutions.com
client.hmhs.com
client.hmhs.com
client.hmhs.com
lyncaccess2.hmhs.com
lyncaccess1.hmhs.com
lyncwebextBR.hmhs.com
www.hmhealthsolutions.com
lyncproxypool.highmark.com
owa.hmhs.com
lyncproxypool.highmark.com
www.hmhealthsolutions.com
www.hmhealthsolutions.com
owa.hmhs.com
lyncwebextBR.hmhs.com
client.hmhs.com
client.hmhs.com
www.hmhealthsolutions.com
sipaccess.highmark.com
www.hmhealthsolutions.com
client.hmhs.com
client.hmhs.com
client.hmhs.com
lyncaccess2.hmhs.com
lyncaccess1.hmhs.com
lyncwebextBR.hmhs.com
Certificate
The complete raw certificate details for www.hmhealthsolutions.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgIQewsrI9wqq9thThLLYX953TANBgkqhkiG9w0BAQsFADBD MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR0wGwYDVQQDExR0 aGF3dGUgU0hBMjU2IFNTTCBDQTAeFw0xNTAyMTkwMDAwMDBaFw0xODEwMDgyMzU5 NTlaMHAxCzAJBgNVBAYTAlVTMRUwEwYDVQQIDAxQZW5uc3lsdmFuaWExEzARBgNV BAcMClBpdHRzYnVyZ2gxETAPBgNVBAoMCEhpZ2htYXJrMSIwIAYDVQQDDBl3d3cu aG1oZWFsdGhzb2x1dGlvbnMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAzjKV58O7mPcma7BDXfUobyQ/sPPMjoOqq371xcwWXvwwREIiFeNzCyrr 8UQcg6PUE1r67q2Em8EPghiE1V8cpxSOT1jHYLMBmVHLoN+08+oebU3bb4GmoBtd 5JqyhdGKj5dj1ogfSXihX2vysWs7R+cnitK7GFt1F6K4Dqc2xINUPksn/LvITf43 Pay8d5XhdQKfL+vfV/20mr3PeNw0Eif43ldOuatWXyvZGPUZ7SkXQCtZZNHABFOF S0GO4yyKGf/zGsCyp0prz/bfGy1SiCGrHeuWtz0qJjWv0fVuQKA5LZj6kFWLCQh4 tH8t5KFdyvL6wN3KBhqDkf6ImLQw2wIDAQABo4IBjTCCAYkwMgYDVR0RBCswKYIM d3d3LmhtaHMuY29tghl3d3cuaG1oZWFsdGhzb2x1dGlvbnMuY29tMAkGA1UdEwQC MAAwcgYDVR0gBGswaTBnBgpghkgBhvhFAQc2MFkwJgYIKwYBBQUHAgEWGmh0dHBz Oi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8GCCsGAQUFBwICMCMMIWh0dHBzOi8vd3d3 LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgw FoAUK5o1rgEYODDhcHoF4BF2o869kBQwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDov L3RnLnN5bWNiLmNvbS90Zy5jcmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3RnLnN5bWNk LmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3RnLnN5bWNiLmNvbS90Zy5jcnQwDQYJ KoZIhvcNAQELBQADggEBADRp1exQdjax8lk4skHpuRnvITk8j6z2J2ZWdklhrqN2 mOZwzFjysSmjsZvdS8yVyY+vhEbvfjp5lPZqrpVgoXMg0WUZ4TukepD0ULHO9mpa 4ljnFSVV6+WVoY1NHHMajTi05xz7U2H3JSDlPNh3s1BTEbSrDX7Rbr+AekFPxZy4 l7R4ghleUKg7GfFJTmP8yw29GI9yu0s3JaBFYSOhLqQqSaljF3jhWig6hrss2SDA 1pZU7w3cvBEbNpJ58TRypJWFv2xJXF+mtpK20t63TIU53oQ7vwXdxbBGXGDnn5uv yzeMpO6XoTt3fmGa7GFAeh1F3+Lwq9YKSbEin9qoJig= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjKV58O7mPcma7BDXfUo byQ/sPPMjoOqq371xcwWXvwwREIiFeNzCyrr8UQcg6PUE1r67q2Em8EPghiE1V8c pxSOT1jHYLMBmVHLoN+08+oebU3bb4GmoBtd5JqyhdGKj5dj1ogfSXihX2vysWs7 R+cnitK7GFt1F6K4Dqc2xINUPksn/LvITf43Pay8d5XhdQKfL+vfV/20mr3PeNw0 Eif43ldOuatWXyvZGPUZ7SkXQCtZZNHABFOFS0GO4yyKGf/zGsCyp0prz/bfGy1S iCGrHeuWtz0qJjWv0fVuQKA5LZj6kFWLCQh4tH8t5KFdyvL6wN3KBhqDkf6ImLQw 2wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 163553033731725469108798964111046048221 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SHA256 SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-02-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-08 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Pittsburgh' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Highmark' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.hmhealthsolutions.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26030035496140096171487865691174144153907867313574530985708049039749590161317684864715254371207216248273752457052837473570460424260428336313059608297089768743362459670435517629921338747209847332371249232798439221335177132420981794055557919476354877689123648025023902005571657407377790407895493958939362465799678195742063010343456440119487509638985854307482529139205586374300139157487630447682237050223356919708599843389402187646528510876176268154966457611772818442932340201251468336129729463006695468818973375247701946506266856343013145961970156619728088074783260967374955337453426685233553639297589051957236901097691 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hmhs.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hmhealthsolutions.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (107 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2b9a35ae01183830e1707a05e01176a3cebd9014 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tg.symcb.com/tg.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tg.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tg.symcb.com/tg.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003469d5ec507636b1f25938b241e9b919ef21393c8facf6276656764961aea37698e670cc58f2b129a3b19bdd4bcc95c98faf8446ef7e3a7994f66aae9560a17320d16519e13ba47a90f450b1cef66a5ae258e7152555ebe595a18d4d1c731a8d38b4e71cfb5361f72520e53cd877b3505311b4ab0d7ed16ebf807a414fc59cb897b47882195e50a83b19f1494e63fccb0dbd188f72bb4b3725a0456123a12ea42a49a9631778e15a283a86bb2cd920c0d69654ef0ddcbc111b369279f13472a49585bf6c495c5fa6b692b6d2deb74c8539de843bbf05ddc5b0465c60e79f9bafcb378ca4ee97a13b777e619aec61407a1d45dfe2f0abd60a49b1229fdaa82628