This application checks a DANE TLS Service. It connects to the specified TLS service and then attempts to authenticate its TLS server certificate according to its corresponding DANE TLSA records in the DNS.
Port: 5223
Domain name: chatrix.one
Name Check for DANE-EE: on
Checking Transcript:
Host: chatrix.one Port: 5223 SNI: chatrix.one DNS TLSA RRset: qname: _5223._tcp.chatrix.one. 3 1 1 6c56fd6de8f0a3ccd7e20d9ad3c056ae17957d25ed2615cac226293209a7ee67 IP Addresses found: 140.238.214.118 ## Checking chatrix.one 140.238.214.118 port 5223 DANE TLSA 3 1 1 [6c56fd6d..]: OK matched EE certificate ## Peer Certificate Chain: 0 CN=chatrix.one CN=ZeroSSL RSA Domain Secure Site CA,O=ZeroSSL,C=AT 1 CN=ZeroSSL RSA Domain Secure Site CA,O=ZeroSSL,C=AT CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US 2 CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB ## PKIX Certificate Chain 0: 0 CN=chatrix.one CN=ZeroSSL RSA Domain Secure Site CA,O=ZeroSSL,C=AT 1 CN=ZeroSSL RSA Domain Secure Site CA,O=ZeroSSL,C=AT CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US 2 CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US ## PKIX Certificate Chain 1: 0 CN=chatrix.one CN=ZeroSSL RSA Domain Secure Site CA,O=ZeroSSL,C=AT 1 CN=ZeroSSL RSA Domain Secure Site CA,O=ZeroSSL,C=AT CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US 2 CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB 3 CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB ## DANE Certificate Chain 0: 0 CN=chatrix.one CN=ZeroSSL RSA Domain Secure Site CA,O=ZeroSSL,C=AT 1 CN=ZeroSSL RSA Domain Secure Site CA,O=ZeroSSL,C=AT CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US 2 CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB ## TLS Connection Info: TLS version: 1.3 CipherSuite: TLS_AES_256_GCM_SHA384 ## End-Entity Certificate Info: X509 version: 3 Serial#: cbf8a1aff27bf4dee6912166b2aacb27 Subject: CN=chatrix.one Issuer: CN=ZeroSSL RSA Domain Secure Site CA,O=ZeroSSL,C=AT SAN dNSName: chatrix.one SAN dNSName: conference.chatrix.one SAN dNSName: proxy.chatrix.one SAN dNSName: pubsub.chatrix.one SAN dNSName: upload.chatrix.one Signature Algorithm: SHA384-RSA PublicKey Algorithm: RSA 2048-Bits Inception: 2025-01-22 00:00:00 +0000 UTC Expiration: 2025-04-22 23:59:59 +0000 UTC KU: KeyEncipherment DigitalSignature EKU: ServerAuth ClientAuth Is CA?: false SKI: 84238b63488859d6e9a5fab3a4156a5adf63dd47 AKI: c8d97868a2d91968d53d72de5f0a3edcb58686a6 OSCP Servers: [http://zerossl.ocsp.sectigo.com] CA Issuer URL: [http://zerossl.crt.sectigo.com/ZeroSSLRSADomainSecureSiteCA.crt] CRL Distribution: [] Policy OIDs: [1.3.6.1.4.1.6449.1.2.2.78 2.23.140.1.2.1] Result: DANE OK [0] Authentication succeeded for all (1) peers.