webmail.cosanum.ch
- Cosanum AG -
Issued by GeoTrust SSL CA - G2
About this certificate
This digital certificate with serial number 68:d2:d8:5f:33:15:6f:e7:21:41:03:67:70:a5:04:41 was issued on by GeoTrust Inc..
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Compliant certificates must not encode explicitTest as an IA5String (RFC 6818: 3)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Cosanum AG
Organization:
Cosanum AG
Organization unit: IT
Organization unit: IT
State / Province:
Zuerich
Locality: Schlieren
Country: CH
Locality: Schlieren
Country: CH
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 68:d2:d8:5f:33:15:6f:e7:21:41:03:67:70:a5:04:41Serial Number (int): 139334482444883043589285167985947116609
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 11:4a:d0:73:39:d5:5b:69:08:5c:ba:3d:bf:64:9a:a8:8b:1c:55:bc
Fingerprint (sha1): 15:e4:1e:f6:0b:46:76:32:cc:a9:ca:aa:9c:be:81:6d:8c:b2:7a:f6
Fingerprint (sha256): 83:a6:ce:b2:c3:5f:35:e4:3b:80:60:5c:ad:91:ab:6b:67:f9:a5:f4:75:cb:d9:78:d9:0e:c2:a2:85:d1:92:a1
Issuing Certificate URL: http://gb.symcb.com/gb.crt
Revocation information
OCSP Server: http://gb.symcd.comCRL Distribution Point: http://gb.symcb.com/gb.crl
Check the revocation status for certificate webmail.cosanum.ch
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for webmail.cosanum.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
secoex01.cosanum.ch
autodiscover.cosanum.ch
legacy.cosanum.ch
webmail.cosanum.ch
autodiscover.cosanum.ch
legacy.cosanum.ch
webmail.cosanum.ch
Other certificates including the domain name cosanum.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for webmail.cosanum.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIQaNLYXzMVb+chQQNncKUEQTANBgkqhkiG9w0BAQUFADBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU R2VvVHJ1c3QgU1NMIENBIC0gRzIwHhcNMTQwNzA4MDAwMDAwWhcNMTgwODI5MjM1 OTU5WjByMQswCQYDVQQGEwJDSDEQMA4GA1UECBQHWnVlcmljaDESMBAGA1UEBxQJ U2NobGllcmVuMRMwEQYDVQQKFApDb3NhbnVtIEFHMQswCQYDVQQLFAJJVDEbMBkG A1UEAxQSd2VibWFpbC5jb3NhbnVtLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAxfmMn7Z+QQLze0mXNgKCx05+HH6kNx5jjAIe8SiPpZza3f5IhYA8 OD7lDafgFARCUYWFiTJNUh5mDUrErf2RL5H7RGXC3ygBuyN2RUnPQmpD3lo9LbNA Fyvki+yqhYpWH4Z6r3PXk5OA7qimNur57wIE6DPAEJ8/Kdu4T2CPRB1HjCsDaz4v ipfJ+YNjpH9zLfLkySeMh+utLw58sMu/ljMWj2QNcn4mxtsLfGfm4DSgnKuxV7de HyaWUR63OD3RoANU5c5N+WNZKVW42lXBb/Baf4W0q3khrO+1mEWkbh8cBG09MqVl MmapzsrCTR7MhJ7E6IkL6pxGv8bRy9abowIDAQABo4IBrDCCAagwXgYDVR0RBFcw VYITc2Vjb2V4MDEuY29zYW51bS5jaIIXYXV0b2Rpc2NvdmVyLmNvc2FudW0uY2iC EWxlZ2FjeS5jb3NhbnVtLmNoghJ3ZWJtYWlsLmNvc2FudW0uY2gwCQYDVR0TBAIw ADAOBgNVHQ8BAf8EBAMCBaAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2diLnN5 bWNiLmNvbS9nYi5jcmwwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYB BQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkWF2h0 dHBzOi8vZC5zeW1jYi5jb20vcnBhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjAfBgNVHSMEGDAWgBQRStBzOdVbaQhcuj2/ZJqoixxVvDBXBggrBgEFBQcB AQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nYi5zeW1jZC5jb20wJgYIKwYBBQUH MAKGGmh0dHA6Ly9nYi5zeW1jYi5jb20vZ2IuY3J0MA0GCSqGSIb3DQEBBQUAA4IB AQCEsOUqyJtDu0kgl53HpmD9fgdP8YFpqE0GVFNLemaktlnE7INrHhwnbnRPG423 TMN2GGFdYabZ9zTR//2SvWTobU11MIuyFOk/ScH6IxDhA7zZQ+Z06b9AplXzYm4Y kRSnaUG6Oiy9tFe1JiShFq5ohXq/tDMneh6UkrlNXgSM/Ro+NujXqB0dTbn+CQKn xzY4wk12vJ2ohfPRYzVviFWmbCMEhjv3QZhR+BRuaiDuV5hU7steXls2R+dINPni S7aBrk+v4nCR/lqVJqQLvDg9sr1RZUxw7XqShesJwejqZiQb/CcC945qpY6dU8w1 L/m/K7/2YOCgLzq4zdLj2Drj -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfmMn7Z+QQLze0mXNgKC x05+HH6kNx5jjAIe8SiPpZza3f5IhYA8OD7lDafgFARCUYWFiTJNUh5mDUrErf2R L5H7RGXC3ygBuyN2RUnPQmpD3lo9LbNAFyvki+yqhYpWH4Z6r3PXk5OA7qimNur5 7wIE6DPAEJ8/Kdu4T2CPRB1HjCsDaz4vipfJ+YNjpH9zLfLkySeMh+utLw58sMu/ ljMWj2QNcn4mxtsLfGfm4DSgnKuxV7deHyaWUR63OD3RoANU5c5N+WNZKVW42lXB b/Baf4W0q3khrO+1mEWkbh8cBG09MqVlMmapzsrCTR7MhJ7E6IkL6pxGv8bRy9ab owIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 139334482444883043589285167985947116609 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-07-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Zuerich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Schlieren' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Cosanum AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'webmail.cosanum.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24992003430483352135013110225316032514903814385262989942966203210438676454731532823354330441977693302855405397818007947269729569348814316368068119028099107267774258206385440242264809041859979761590232543482352569596069246683674867592285742829094181507116218524798770696760669327300018554385465353604542686152265271554566870750720123387508760882327922392318761207291872877382063942838069085427466324323977560185012122819390935033192977663469491420738000774940878263823706550348835356539935550647532589529658915102867434981266540366345813895497740633203283476936024863564821874314886399204433991674437661345976012938147 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secoex01.cosanum.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.cosanum.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacy.cosanum.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.cosanum.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gb.symcb.com/gb.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 114ad07339d55b69085cba3dbf649aa88b1c55bc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gb.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gb.symcb.com/gb.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0084b0e52ac89b43bb4920979dc7a660fd7e074ff18169a84d0654534b7a66a4b659c4ec836b1e1c276e744f1b8db74cc37618615d61a6d9f734d1fffd92bd64e86d4d75308bb214e93f49c1fa2310e103bcd943e674e9bf40a655f3626e189114a76941ba3a2cbdb457b52624a116ae68857abfb433277a1e9492b94d5e048cfd1a3e36e8d7a81d1d4db9fe0902a7c73638c24d76bc9da885f3d163356f8855a66c2304863bf7419851f8146e6a20ee579854eecb5e5e5b3647e74834f9e24bb681ae4fafe27091fe5a9526a40bbc383db2bd51654c70ed7a9285eb09c1e8ea66241bfc2702f78e6aa58e9d53cc352ff9bf2bbff660e0a02f3ab8cdd2e3d83ae3