Get Your FREE
TLS Compliance
Report Now!
Enter your domain and email to see your compliance report
The TLS checker (ssl checker) highlights TLS Compliance against NIST 800-52 (PCI, HIPPI, & FFIEC) data-in-transit standards. It includes data on TLS versions, TLS ciphers, TLS certificate, and TLS server configuration details. Below is a sample TLS Check report.
Overall Compliance Summary
Overall compliance score is:
B | 85%
TLS Handshake
13/20
Certificates
58/62
Cipher Quality
RECOMMENDED
60%
All 'recommended' ciphers are 'secure' ciphers by definition. Recommended means that these ciphers also support PFS (Perfect Forward Secrecy) and should be your first choice if you want the highest level of security
SECURE
20%
Secure ciphers are considered state-of-the-art and if you want to secure your web server you should certainly choose from this set
WEAK
60%
These ciphers are old and should be disabled if you are setting up a new server for example
INSECURE
0%
These ciphers are very old and shouldn't be used under any circumstances
Key Strength
90%
NIST Compliance
NIST
NIST Including CHACHA
ChaCha2020/Poly1305 is not a NIST approved cipher suite but considered secure for commercial use and is widely deployed. This score is calculated assuming CHACHA is also compliant.
Server Status
Server
as on Dec 7
B | 85%
Parameter Status
TLS Handshake
13/20
Certificates
58/62
Cipher Quality
RECOMMENDED
60%
All 'recommended' ciphers are 'secure' ciphers by definition. Recommended means that these ciphers also support PFS (Perfect Forward Secrecy) and should be your first choice if you want the highest level of security
SECURE
20%
Secure ciphers are considered state-of-the-art and if you want to secure your web server you should certainly choose from this set
WEAK
60%
These ciphers are old and should be disabled if you are setting up a new server for example
INSECURE
0%
These ciphers are very old and shouldn't be used under any circumstances
Key Strength
90%
NIST Compliance
NIST
NIST Including CHACHA
ChaCha2020/Poly1305 is not a NIST approved cipher suite but considered secure for commercial use and is widely deployed. This score is calculated assuming CHACHA is also compliant.
Last Month :0
Last Quarter :0
Last Year :0
- TLS 1.3
- TLS 1.2
- TLS 1.1
- TLS 1.0
Compliance Score
B | 89%
TLS Handshake
7/9
Certificates
RSA
15/15
ECDSA
14/16
Cipher Quality
RECOMMENDED
100%
All 'recommended' ciphers are 'secure' ciphers by definition. Recommended means that these ciphers also support PFS (Perfect Forward Secrecy) and should be your first choice if you want the highest level of security
SECURE
0%
Secure ciphers are considered state-of-the-art and if you want to secure your web server you should certainly choose from this set
WEAK
0%
These ciphers are old and should be disabled if you are setting up a new server for example
INSECURE
0%
These ciphers are very old and shouldn't be used under any circumstances
Key Strength
90%
NIST Compliance
NIST
NIST Including CHACHA
ChaCha2020/Poly1305 is not a NIST approved cipher suite but considered secure for commercial use and is widely deployed. This score is calculated assuming CHACHA is also compliant.
Parameter Status
TLS Handshake
Parameters | NIST Compliance | ||
| |||
Server Name Indication Extension Support | |||
Supported Versions Extension Support | |||
Signed Certificate Timestamps Extension Support | |||
Supported Groups Extension Support | |||
Key Share Extension Support | |||
Supported Cipher Suites | |||
Early Data Indication Extension Support | |||
Certificate Status Request Extension Support | |||
Signature Algorithms Extension Support |
Certificates - RSA
Parameters | NIST Compliance | ||
| |||
Public Cert Auth Key Identifier | |||
Public Cert Subject DN | |||
Public Cert Expiry Date | |||
Public Cert Extended Key Usage | |||
Public Cert Auth Info | |||
Public Cert Issuer Signature Algorithm | |||
Public Cert Subject DN CN | |||
Public Cert Type | |||
Public Cert Issuer DN | |||
Public Cert Sub Key Identifier | |||
Public Cert Signature Algorithm | |||
Public Cert Key Usage | |||
Public Cert SAN Entries | |||
Public Cert Key Length | |||
Public Cert Version (X509 Version) |
Certificates - ECDSA
Parameters | NIST Compliance | ||
| |||
Public Cert Auth Key Identifier | |||
Public Cert Subject DN | |||
Public Cert Expiry Date | |||
Public Cert Extended Key Usage | |||
Public Cert Auth Info | |||
Public Cert Issuer Signature Algorithm | |||
Public Cert Subject DN CN | |||
ECDSA Public Key Curve | |||
Public Cert Type | |||
Public Cert Issuer DN | |||
Public Cert Sub Key Identifier | |||
Public Cert Signature Algorithm | |||
Public Cert Key Usage | |||
Public Cert SAN Entries | |||
Public Cert Key Length | |||
Public Cert Version (X509 Version) |
Cipher Suites
Parameters | NIST Compliance | ||
| |||
RECOMMENDED | |||
TLS_AKE_WITH_AES_128_GCM_SHA256 | |||
TLS_AKE_WITH_AES_256_GCM_SHA384 | |||
TLS_AKE_WITH_CHACHA20_POLY1305_SHA256 |