www.candybasketinc.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:3f:e5:84:d9:fd:23:5e:23:4e:e3:49:33:2e:cf:a2:ef:7a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.candybasketinc.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:3f:e5:84:d9:fd:23:5e:23:4e:e3:49:33:2e:cf:a2:ef:7aSerial Number (int): 283079729926858490359836437494369959997306
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 8d:49:df:21:62:8f:a1:2f:4f:40:d7:39:6c:0d:f7:2a:b8:27:0e:4d
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 45:f6:1c:03:42:7c:59:3b:ee:dc:f2:dd:13:44:7a:d2:eb:d6:9a:1b
Fingerprint (sha256): 97:5c:b5:42:7a:02:5a:32:5a:02:02:a7:05:b9:51:10:95:78:e9:32:2f:90:0c:8e:72:3f:eb:11:8f:fc:f2:0b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.candybasketinc.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.candybasketinc.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
candybasketinc.com
www.candybasketinc.com
www.candybasketinc.com
Other certificates including the domain name candybasketinc.com
(limited to 100 certificates)
shop.candybasketinc.com
candybasketinc.com
candybasketinc.com
www.shop.candybasketinc.com
candybasketinc.com
candybasketinc.com
www.candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
www.candybasketinc.com
www.candybasketinc.com
candybasketinc.com
www.candybasketinc.com
candybasketinc.com
www.candybasketinc.com
www.candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
shop.candybasketinc.com
candybasketinc.com
candybasketinc.com
www.candybasketinc.com
candybasketinc.com
candybasketinc.com
www.shop.candybasketinc.com
candybasketinc.com
candybasketinc.com
www.candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
www.candybasketinc.com
www.candybasketinc.com
candybasketinc.com
www.candybasketinc.com
candybasketinc.com
www.candybasketinc.com
www.candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
candybasketinc.com
shop.candybasketinc.com
candybasketinc.com
candybasketinc.com
www.candybasketinc.com
Certificate
The complete raw certificate details for www.candybasketinc.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAz/lhNn9I14jTuNJMy7Pou96MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA4MjQyMDI2MDBaFw0x NzExMjIyMDI2MDBaMCExHzAdBgNVBAMTFnd3dy5jYW5keWJhc2tldGluYy5jb20w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMcKSSVjNOYnBKUypqvThO D1QOfB4OxGK+CZ0A1omt/WjSV7v3GOyK+yWAxHVJDMeIN41RxMTBDA72lu4CnF9X HDUlYO10Nc4MeSMgg+JFdiu7nRgJ9PU4HV11fPaWq+6uQ8OrAfMJ0gF+jbEsQyZO 3UHc8DzjNtsX/eB7TCYAQiIAfEAs2HinCe0r2KcavU40Qhs6Kw6+dhBHzHkYX7IC Tn/MGn4MZYHciWI6ser7TlZWbiDMahJNNqgYfY7bEtgLU/pI5Q/TY2Pw7obK3qvy rEHvkOhJp6BNK2jx1ETJovDz90zR7uJ3v+PlwN6hoFCkkr0zoMTrZudufJGMzToN AgMBAAGjggIqMIICJjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFI1J3yFij6EvT0DX OWwN9yq4Jw5NMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsG AQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNl bmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNl bmNyeXB0Lm9yZy8wNQYDVR0RBC4wLIISY2FuZHliYXNrZXRpbmMuY29tghZ3d3cu Y2FuZHliYXNrZXRpbmMuY29tMIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsr BgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlw dC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25s eSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4g YWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQg aHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEL BQADggEBAF3Nq6p6pWZeGsg49e1oYwUvSUiXtKLeeuv0dBckwq47DmxfXhbs4cJv 8kanCxjC+GCHf/abh1LAmx7fXJY4jqMIZj9ztgRLMe2BCU/Z8UcDoivA2wTHu0Xo 7z+uS07cVEox5sejNg5aeQP0k0CuTLbAlheZL1PHMlxqP4U9Q8+QLXEzUgBP+rI6 t60nxRYDEy56HrG5nRRbPDm6vzom4m56SAvI/Oow03c7kzlDEnUsbXQY7qiZgBT/ 7niO8ytw4Xa8IEQnP86TLRi97SW4m5femz36bVCnfGKWq2WAyM7LlDretfLqqVNL VDJuOAPVA6ThWpbH2mPJde0nmYuEv8g= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHCkklYzTmJwSlMqar04 Tg9UDnweDsRivgmdANaJrf1o0le79xjsivslgMR1SQzHiDeNUcTEwQwO9pbuApxf Vxw1JWDtdDXODHkjIIPiRXYru50YCfT1OB1ddXz2lqvurkPDqwHzCdIBfo2xLEMm Tt1B3PA84zbbF/3ge0wmAEIiAHxALNh4pwntK9inGr1ONEIbOisOvnYQR8x5GF+y Ak5/zBp+DGWB3IliOrHq+05WVm4gzGoSTTaoGH2O2xLYC1P6SOUP02Nj8O6Gyt6r 8qxB75DoSaegTSto8dREyaLw8/dM0e7id7/j5cDeoaBQpJK9M6DE62bnbnyRjM06 DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 283079729926858490359836437494369959997306 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-24 20:26:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-22 20:26:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.candybasketinc.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25808160476554468014126869042152496446348933338277014794012495141390631507137429072193704682300744773613896334446475325726447965278135156584293665993427772862049031308585821852377341700525337692587543533592692437864328308640708159438732456066748792023512946731363425175786858646933362230626997142275488571605186331185206079126594314455256507782309618201396160264086782024732154712908689609181427510523957115075019788804174285556815869135989090942914804914875679090167152794519399462015372431422192874392228999327169539647736589268767980165009067224471020917770864506975687719274204004695455707454885650329479647410701 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8d49df21628fa12f4f40d7396c0df72ab8270e4d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'candybasketinc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.candybasketinc.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005dcdabaa7aa5665e1ac838f5ed6863052f494897b4a2de7aebf4741724c2ae3b0e6c5f5e16ece1c26ff246a70b18c2f860877ff69b8752c09b1edf5c96388ea308663f73b6044b31ed81094fd9f14703a22bc0db04c7bb45e8ef3fae4b4edc544a31e6c7a3360e5a7903f49340ae4cb6c09617992f53c7325c6a3f853d43cf902d713352004ffab23ab7ad27c51603132e7a1eb1b99d145b3c39babf3a26e26e7a480bc8fcea30d3773b93394312752c6d7418eea8998014ffee788ef32b70e176bc2044273fce932d18bded25b89b97de9b3dfa6d50a77c6296ab6580c8cecb943adeb5f2eaa9534b54326e3803d503a4e15a96c7da63c975ed27998b84bfc8