weibo.com
IP地址: 202.108.0.99:443(北京) 服务器: SHANHAI-SERVER
站点标题: | redirect to https://passport.weibo.com/visitor/visitor?entry=miniblog&a=enter&url=https%3A%2F%2Fweibo.com%2F&domain=weibo.com&ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_11_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F51.0.2704.103%20Safari%2F537.36&_rand=1705050774291&sudaref= |
---|---|
检测时间: | 2024-01-12 17:12:54 ( 耗时:1秒 ) |
检测到当前证书信息已发生变化,您可以点击 刷新报告 进行重新检测 。
证书信息
信任状态 | 可信 |
是 | |
通用名称 | weibo.cn |
颁发者 | GeoTrust CN RSA CA G1 |
启用SNI | 是 |
弱密钥检测 | 否 |
加密算法 | ECDSA 256 bits |
签名算法 | SHA256WithRSA |
证书透明(CT) | 是 (Apple: (来自证书,有效)) |
证书品牌 | GeoTrust |
证书类型 | OV SSL |
开始时间 | 2023-05-04 08:00:00 |
结束时间 | 2024-05-15 07:59:59 |
吊销状态 | 正常 |
OCSP装订状态 | 不支持 |
OCSP必须装订 | 否 |
组织机构 | Sina.com Technology(China)Co.,ltd |
部门 | -- |
备用名称 | weibo.cn weibo.com www.weibo.cn company.admin.weibo.com company.verified.weibo.com ...... 查看全部 weibo.cn weibo.com www.weibo.cn company.admin.weibo.com company.verified.weibo.com admin.event.weibo.com krcom.cn *.sina.cn *.sinaimg.cn *.music.sina.com.cn *.krcom.cn *.api.weibo.cn *.star.weibo.com *.movie.weibo.com *.qr.weibo.cn *.h5.weibo.cn *.oasis.weibo.cn *.edm.weibo.cn *.weibo.cn *.sinajs.cn *.forecast.sina.cn *.weibo.com *.sina.com.cn *.music.weibo.com *.chengdu.weibo.cn *.photo.weibo.com *.ting.weibo.com *.media.weibo.com |
证书链信息 了解详细 下载证书链
颁发给: | weibo.cn(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GeoTrust CN RSA CA G1 |
加密算法: | ECDSA 256 bits |
签名算法: | SHA256WithRSA |
证书指纹: | C36EDD2D8D09B8E85142A10B327E34C8786FA596 |
公钥PIN值: | GJHXCJiPG89/NjQUFFBvRu7Qe+26UdX110MJPyd6NXc= |
有效期: | 2023-05-04 ~ 2024-05-15 (剩余 46 天) |
颁发给: | GeoTrust CN RSA CA G1(根证书来自服务器,会增加额外的握手开销) |
颁发者: | DigiCert Global Root CA |
加密算法: | RSA 2048 bits |
签名算法: | SHA256WithRSA |
证书指纹: | ABCB7101356F9E4E7A449988E4300BD03B321F95 |
公钥PIN值: | 4H6OXny7MqJPbCOTpHyS0fSSUeHk/I5nKbIyuQwnfsA= |
有效期: | 2019-06-20 ~ 2029-06-20 (剩余 1909 天) |
颁发给: | DigiCert Global Root CA(根证书来自服务器,会增加额外的握手开销) |
颁发者: | DigiCert Global Root CA |
加密算法: | RSA 2048 bits |
签名算法: | SHA1WithRSA |
证书指纹: | A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436 |
公钥PIN值: | r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E= |
有效期: | 2006-11-10 ~ 2031-11-10 (剩余 2782 天) |
颁发给: | weibo.cn (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GeoTrust CN RSA CA G1 |
有效期: | 2023-05-04 ~ 2024-05-15 (剩余 46 天) |
颁发给: | GeoTrust CN RSA CA G1 (根证书来自服务器,会增加额外的握手开销) |
颁发者: | DigiCert Global Root CA |
有效期: | 2019-06-20 ~ 2029-06-20 (剩余 1909 天) |
颁发给: | DigiCert Global Root CA (根证书来自服务器,会增加额外的握手开销) |
颁发者: | DigiCert Global Root CA |
有效期: | 2006-11-10 ~ 2031-11-10 (剩余 2782 天) |
信任状态 | 可信 |
是 | |
通用名称 | weibo.cn |
颁发者 | GeoTrust CN RSA CA G1 |
启用SNI | 是 |
弱密钥检测 | 否 |
加密算法 | RSA 2048 bits |
签名算法 | SHA256WithRSA |
证书透明(CT) | 是 (Apple: (来自证书,有效)) |
证书品牌 | GeoTrust |
证书类型 | OV SSL |
开始时间 | 2023-04-18 08:00:00 |
结束时间 | 2024-05-15 07:59:59 |
吊销状态 | 正常 |
OCSP装订状态 | 不支持 |
OCSP必须装订 | 否 |
组织机构 | Sina.com Technology(China)Co.,ltd |
部门 | -- |
备用名称 | weibo.cn weibo.com www.weibo.cn company.admin.weibo.com company.verified.weibo.com ...... 查看全部 weibo.cn weibo.com www.weibo.cn company.admin.weibo.com company.verified.weibo.com admin.event.weibo.com krcom.cn *.sina.cn *.sinaimg.cn *.music.sina.com.cn *.krcom.cn *.api.weibo.cn *.star.weibo.com *.movie.weibo.com *.qr.weibo.cn *.h5.weibo.cn *.oasis.weibo.cn *.edm.weibo.cn *.weibo.cn *.sinajs.cn *.forecast.sina.cn *.weibo.com *.sina.com.cn *.music.weibo.com *.chengdu.weibo.cn *.photo.weibo.com *.ting.weibo.com *.media.weibo.com |
证书链信息 了解详细 下载证书链
颁发给: | weibo.cn(根证书来自服务器,会增加额外的握手开销) |
颁发者: | GeoTrust CN RSA CA G1 |
加密算法: | RSA 2048 bits |
签名算法: | SHA256WithRSA |
证书指纹: | 79BAC80E94434A8224D9A7D4075667C16BED51BB |
公钥PIN值: | m19aO6qYhqIeFG1ux07E4kQ6kRafHoP0a0yYje/LBfc= |
有效期: | 2023-04-18 ~ 2024-05-15 (剩余 46 天) |
颁发给: | GeoTrust CN RSA CA G1(根证书来自服务器,会增加额外的握手开销) |
颁发者: | DigiCert Global Root CA |
加密算法: | RSA 2048 bits |
签名算法: | SHA256WithRSA |
证书指纹: | ABCB7101356F9E4E7A449988E4300BD03B321F95 |
公钥PIN值: | 4H6OXny7MqJPbCOTpHyS0fSSUeHk/I5nKbIyuQwnfsA= |
有效期: | 2019-06-20 ~ 2029-06-20 (剩余 1909 天) |
颁发给: | DigiCert Global Root CA(根证书来自服务器,会增加额外的握手开销) |
颁发者: | DigiCert Global Root CA |
加密算法: | RSA 2048 bits |
签名算法: | SHA1WithRSA |
证书指纹: | A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436 |
公钥PIN值: | r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E= |
有效期: | 2006-11-10 ~ 2031-11-10 (剩余 2782 天) |
颁发给: | weibo.cn (根证书来自服务器,会增加额外的握手开销) |
颁发者: | GeoTrust CN RSA CA G1 |
有效期: | 2023-04-18 ~ 2024-05-15 (剩余 46 天) |
颁发给: | GeoTrust CN RSA CA G1 (根证书来自服务器,会增加额外的握手开销) |
颁发者: | DigiCert Global Root CA |
有效期: | 2019-06-20 ~ 2029-06-20 (剩余 1909 天) |
颁发给: | DigiCert Global Root CA (根证书来自服务器,会增加额外的握手开销) |
颁发者: | DigiCert Global Root CA |
有效期: | 2006-11-10 ~ 2031-11-10 (剩余 2782 天) |
支持协议
TLS 1.3 | 不支持 | ||
TLS 1.2 | 支持 | ||
TLS 1.1 | 支持 | ||
TLS 1.0 | 支持 | 1 | |
SSL 3 | 不支持 | ||
SSL 2 | 不支持 |
支持的加密套件
TLS 1.2 (服务器顺序优先) |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC02B) 128 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 代码:0xC02B 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F) 128 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 代码:0xC02F 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 代码:0xC02C 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 代码:0xC030 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA9) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 代码:0xCCA9 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA8) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 代码:0xCCA8 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xC023) 128 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 代码:0xC023 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xC027) 128 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 代码:0xC027 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009) 128 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 代码:0xC009 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013) 128 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 代码:0xC013 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xC024) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 代码:0xC024 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xC028) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 代码:0xC028 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 代码:0xC00A 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 代码:0xC014 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES |
TLS 1.1 (服务器顺序优先) |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009) 128 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 代码:0xC009 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013) 128 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 代码:0xC013 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 代码:0xC00A 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 代码:0xC014 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES |
TLS 1.0 (服务器顺序优先) |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009) 128 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 代码:0xC009 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013) 128 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 代码:0xC013 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:128 bits 正向加密:YES 是否安全:YES TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A) 256 bits FS 名称:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 代码:0xC00A 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014) 256 bits FS 名称:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 代码:0xC014 描述:ECDH x25519 (eq. 3072 bits RSA) 加密强度:256 bits 正向加密:YES 是否安全:YES |
协议详情
HTTP/2 | 支持 | |
新型的TLS配置 | 是 | |
支持TLS 1.3 | 不支持 | |
期望CT | 不支持 | |
OCSP装订 | 不支持 | |
预防降级攻击 | 支持 | |
正向保密 | 支持 | |
HTTP严格传输安全(HSTS) | 不支持 | |
公钥固定(HPKP) | 不支持 | |
公钥固定报告 | 不支持 | |
XSS保护 | 支持 | 1; mode=block |
CAA | 不支持 | |
NPN | 不支持 | |
ALPN | 支持 | h2,http/1.1 |
TLS心跳(扩展) | 不支持 | |
支持的EC椭圆曲线 | 支持 | x25519,secp256r1,x448,secp521r1,secp384r1 (服务器顺序优先) |
SSL2握手兼容 | 支持 | |
会话恢复(caching) | 不支持 | 服务端分配SessionID,但是不接受 |
会话恢复(Ticket) | 不支持 | |
STARTTLS | 不支持 | |
过长的ClientHello兼容 | 不支持 | |
未知TLS版本兼容 | 不支持 | |
不正确的SNI警告 | 不支持 | |
DH公钥参数重用 | 否 | 不支持DHE系列的加密套件 |
ECDH公钥参数重用 | 否 | |
服务端安全重协商 | 支持 | |
客户端安全重协商 | 支持 | |
客户端不安全重协商 | 不支持 | |
支持RC4套件 | 不支持 | |
是否为邮件服务器 | 否 |
SSL漏洞
是否影响 | 危险系数 | 说明 | |
---|---|---|---|
因系统升级改造,相关功能暂停服务! | |||
DROWN 漏洞 | |||
OpenSSL Padding Oracle 攻击 | |||
FREAK漏洞 | |||
Logjam漏洞 | |||
OpenSSL CCS 注入漏洞 | |||
心血漏洞(Heartbleed) | |||
POODLE漏洞 | |||
CRIME漏洞 |
客户端握手模拟
Android 4.4.2 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Android 5.0.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Android 6.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > http/1.1 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Android 7.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Android 8.0 No FS1 No SNI2 | 握手失败 (protocol_version) | |||
Android 9.0 No FS1 No SNI2 | 握手失败 (protocol_version) | |||
Baiduspider/2.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Googlebot/2.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
YandexBot July 2018 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
360Spider July 2018 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
SougouSpider July 2018 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Baidu HTTPS认证 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
BingPreview Jan 2015 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 49 / XP SP3 No FS1 No SNI2 | RSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 51 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 63 /macOS High Sierra 10.13.2 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 69 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 71 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Chrome 80 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 31.3.0 ESR / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 47 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 49 / XP SP3 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 49 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 57 /macOS High Sierra 10.13.2 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 62 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 64 / win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Firefox 73 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
IE 6 / XP No FS1 No SNI2 | 握手失败 (handshake_failure) | |||
IE 7 / Vista No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
IE 8 / XP No FS1 No SNI2 | 握手失败 (handshake_failure) | |||
IE 8-10 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
IE 11 / Win 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
IE 11 / Win 8.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > http/1.1 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
IE 10 / Win Phone 8.0 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
IE 11 / Win Phone 8.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > http/1.1 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
IE 11 / Win Phone 8.1 Update No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > http/1.1 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
IE 11 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Edge 13 / Win 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Edge 13 / Win Phone 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Java 6u45 No FS1 No SNI2 | 握手失败 (handshake_failure) | |||
Java 7u25 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Java 8u31 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Java 11.0.3 No FS1 No SNI2 | 握手失败 (protocol_version) | |||
OpenSSL 0.9.8y No FS1 No SNI2 | 握手失败 (handshake_failure) | |||
OpenSSL 1.0.1l No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
OpenSSL 1.0.2e No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Openssl 1.1.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Safari 5.1.9 / OS X 10.6.8 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Safari 6 / iOS 6.0.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 FS | |
Safari 6.0.4 / OS X 10.8.4 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.0 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA FS | |
Safari 7 / iOS 7.1 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 FS | |
Safari 7 / OS X 10.9 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 FS | |
Safari 8 / iOS 8.4 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 FS | |
Safari 8 / OS X 10.10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 FS | |
Safari 9 / iOS 9 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Safari 9 / OS X 10.11 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Safari 10 / iOS 10 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Safari 10 / OS X 10.12 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Apple ATS 9 / iOS 9 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
Yahoo Slurp Jan 2015 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
UC浏览器 6 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
360浏览器 13 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
360极速浏览器 8 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
360浏览器 12 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
360浏览器 8 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
QQ浏览器 9 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
世界之窗浏览器 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
猎豹浏览器 6 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
傲游浏览器 5 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
搜狗浏览器 7 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 > h2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS | |
百度浏览器 8 No FS1 No SNI2 | ECDSA(SHA256) | TLSv1.2 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 FS |
证书兼容性测试
ECC | RSA | |
---|---|---|
Android 2.3 (Gingerbread) | ||
Android 4.0 (Ice Cream Sandwich) | ||
Android 4.1 (Jelly Bean) | ||
Android 4.2 (Jelly Bean) | ||
Android 4.3 (Jelly Bean) | ||
Android 4.4 (KitKat) | ||
Android 5.0 (Lollipop) | ||
Android 5.1 (Lollipop) | ||
Android 6.0 (Marshmallow) | ||
Android 7.0 (Android Nougat) | ||
Android 7.1 (Android Nougat) | ||
Android 8.0 (Android Oreo) | ||
Android 9.0 (Android Pie) | ||
Android 10.0 (Android Q) | ||
Android 11.0 (Android R) | ||
iOS 5-6 | ||
iOS 7 | ||
iOS 8 | ||
iOS 9 | ||
iOS 10 | ||
iOS 11 | ||
iOS 12 | ||
iOS 13 | ||
iOS 14 | ||
OS X 10.9 (Mavericks) | ||
OS X 10.10 (Yosemite) | ||
OS X 10.11 (Eicapitan) | ||
OS X 10.12 (Sierra) | ||
OS X 10.13 (High Sierra) | ||
OS X 10.14 (Mojave) | ||
java 7u181 | ||
java 8u161 | ||
java_8u181 | ||
java_8u202 | ||
java 9 | ||
java 10 | ||
java 11 | ||
java 12 | ||
java 13 | ||
java 17 | ||
Firefox 3.0 | ||
Firefox 3.5 | ||
Firefox 3.6 | ||
Firefox 6.0 | ||
Firefox 16 | ||
Firefox 23 | ||
Firefox 32 | ||
Firefox 42 | ||
Firefox 50 | ||
Firefox 51 | ||
Firefox 54 | ||
Firefox 58 | ||
Firefox 63 | ||
Firefox 65 | ||
Windows XP | ||
Windows 7 | ||
Windows 8 | ||
Windows 10 |
配置指南:
说明:
- SNI:服务器名称指示,这是一个的TLS扩展,允许服务器在相同的IP和端口上部署多个证书。
- PFS:PFS(perfect forward secrecy)完全正向保密,要求一个密钥只能用于一个连接,一个密钥被破解,并不影响其他密钥的安全性。
- HPKP:公钥固定,这是一种https网站防止攻击者使用CA错误颁发的证书进行中间人攻击的一种安全机制。
- HSTS:这是一个响应头,用来强制启用HTTPS协议,解决301跳转的劫持的问题。
- OCSP:Online Certificate Status Protocol 证书吊销状态在线检查协议。
- OCSP Stapling:OCSP装订,通过TLS握手时传输吊销状态,加快SSL完成握手的速度。
登录后查看更多信息
登录