­
Lock logo 70px
ExpeditedSSL - Fastest+Easiest Heroku SSL


SSL Scan Results for absentee.vote.org

Cert Issued by DigiCert Inc on September 21, 2016

A+

6 out of 6 Checks Passed

Not Expiring

Your Expiration Date: Sep 26, 2017

SSL Certificates can typically only be renewed in the 30 day window prior to their expiration.

Future Proofed Signature Algorithm

Your Signature Algorithm: sha256 with rsa encryption

SSL validity is ensured in part by verifying that the certificate has not been tampered with, this is accomplished with a 'Secure Hash Algorithm'. The most common algorithm currently in use is 'SHA-1'.

Services are beginning to migrate to SHA256 as this makes it harder for attackers to manipulate or spoof your connection and in the next few years SHA256 will be a requirement.

Some older devices and browsers still rely on SHA1.

Certificate Key Size of at least 2048 bits

Your Key Size: 2048 bits

All certificates issued after Jan 1, 2014 need to be have at least a 2048 bit key length. Optimal key sizes are a balance between security and speed and the current recommendation is 2048.

Redirects 'http' to 'https'

This is an optional requirement as your web application may or may not need to be fully SSL secured.

You'll need to implement this in your application.

Site uses HSTS

HTTP Strict Transport Security (HSTS) is a HTTP response header that is set on your web application server. Supporting browsers read the header which contains an expiration max-age value and will NOT reconnect on a plain HTTP connection until the max-age value is exceeded. HSTS prevents a variety of attacks where an intermediary could disrupt or spoof connections.

You'll need to implement this in your application.

More HSTS information at: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

NOT Vulnerable to POODLE

POODLE is a SSL attack that compromises connections by manipulating the SSL setup between a browser and a web server. It only effects older versions of the SSL library installed on web servers and then only certain cipher sets within that SSL version.

Check Another:

Don't Let absentee.vote.org Go Down
Email circle icon

Get monthly notifications on cert expiration, critical exploits and how to get your site current with the latest security recommendations.