Check a DANE TLS Service

This application checks a DANE TLS Service. It connects to the specified TLS service and then attempts to authenticate its TLS server certificate according to its corresponding DANE TLSA records in the DNS.

Port: 443
Domain name: rdap.centralnic.com

DANE Authentication Successful.


Checking Transcript:


TLSA records found: 1
TLSA: 2 1 1 60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18

Connecting to IPv6 address: 2a04:2b00:119::c:10 port 443
TLSv1.2 handshake succeeded.
Cipher: TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Peer Certificate chain:
 0 Subject CN: console.centralnic.com
   Issuer  CN: Let's Encrypt Authority X3
 1 Subject CN: Let's Encrypt Authority X3
   Issuer  CN: DST Root CA X3
 SAN dNSName: console.centralnic.com
 SAN dNSName: eppgw-admin.centralnic.com
 SAN dNSName: manage.centralnic.com
 SAN dNSName: ote-console.centralnic.com
 SAN dNSName: ote-registry-api.centralnic.com
 SAN dNSName: rdap-ote.centralnic.com
 SAN dNSName: rdap.centralnic.com
 SAN dNSName: registrar-console.centralnic.com
 SAN dNSName: registrar-ftp.centralnic.com
 SAN dNSName: registry-api.centralnic.com
 SAN dNSName: search-whois-xmlrpc.centralnic.com
 SAN dNSName: search-whois.centralnic.com
 SAN dNSName: sni-ote.centralnic.com
 SAN dNSName: sni.centralnic.com
 SAN dNSName: whois-ote.centralnic.com
 SAN dNSName: whois.centralnic.com
DANE TLSA 2 1 1 [60b87575447d...] matched TA certificate at depth 1
Verified peername: rdap.centralnic.com
Validated Certificate chain:
 0 Subject CN: console.centralnic.com
   Issuer  CN: Let's Encrypt Authority X3
 1 Subject CN: Let's Encrypt Authority X3
   Issuer  CN: DST Root CA X3
 SAN dNSName: console.centralnic.com
 SAN dNSName: eppgw-admin.centralnic.com
 SAN dNSName: manage.centralnic.com
 SAN dNSName: ote-console.centralnic.com
 SAN dNSName: ote-registry-api.centralnic.com
 SAN dNSName: rdap-ote.centralnic.com
 SAN dNSName: rdap.centralnic.com
 SAN dNSName: registrar-console.centralnic.com
 SAN dNSName: registrar-ftp.centralnic.com
 SAN dNSName: registry-api.centralnic.com
 SAN dNSName: search-whois-xmlrpc.centralnic.com
 SAN dNSName: search-whois.centralnic.com
 SAN dNSName: sni-ote.centralnic.com
 SAN dNSName: sni.centralnic.com
 SAN dNSName: whois-ote.centralnic.com
 SAN dNSName: whois.centralnic.com

Connecting to IPv6 address: 2a04:2b00:119::c:110 port 443
TLSv1.2 handshake succeeded.
Cipher: TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Peer Certificate chain:
 0 Subject CN: console.centralnic.com
   Issuer  CN: Let's Encrypt Authority X3
 1 Subject CN: Let's Encrypt Authority X3
   Issuer  CN: DST Root CA X3
 SAN dNSName: console.centralnic.com
 SAN dNSName: eppgw-admin.centralnic.com
 SAN dNSName: manage.centralnic.com
 SAN dNSName: ote-console.centralnic.com
 SAN dNSName: ote-registry-api.centralnic.com
 SAN dNSName: rdap-ote.centralnic.com
 SAN dNSName: rdap.centralnic.com
 SAN dNSName: registrar-console.centralnic.com
 SAN dNSName: registrar-ftp.centralnic.com
 SAN dNSName: registry-api.centralnic.com
 SAN dNSName: search-whois-xmlrpc.centralnic.com
 SAN dNSName: search-whois.centralnic.com
 SAN dNSName: sni-ote.centralnic.com
 SAN dNSName: sni.centralnic.com
 SAN dNSName: whois-ote.centralnic.com
 SAN dNSName: whois.centralnic.com
DANE TLSA 2 1 1 [60b87575447d...] matched TA certificate at depth 1
Verified peername: rdap.centralnic.com
Validated Certificate chain:
 0 Subject CN: console.centralnic.com
   Issuer  CN: Let's Encrypt Authority X3
 1 Subject CN: Let's Encrypt Authority X3
   Issuer  CN: DST Root CA X3
 SAN dNSName: console.centralnic.com
 SAN dNSName: eppgw-admin.centralnic.com
 SAN dNSName: manage.centralnic.com
 SAN dNSName: ote-console.centralnic.com
 SAN dNSName: ote-registry-api.centralnic.com
 SAN dNSName: rdap-ote.centralnic.com
 SAN dNSName: rdap.centralnic.com
 SAN dNSName: registrar-console.centralnic.com
 SAN dNSName: registrar-ftp.centralnic.com
 SAN dNSName: registry-api.centralnic.com
 SAN dNSName: search-whois-xmlrpc.centralnic.com
 SAN dNSName: search-whois.centralnic.com
 SAN dNSName: sni-ote.centralnic.com
 SAN dNSName: sni.centralnic.com
 SAN dNSName: whois-ote.centralnic.com
 SAN dNSName: whois.centralnic.com

Connecting to IPv4 address: 119.252.181.10 port 443
TLSv1.2 handshake succeeded.
Cipher: TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Peer Certificate chain:
 0 Subject CN: console.centralnic.com
   Issuer  CN: Let's Encrypt Authority X3
 1 Subject CN: Let's Encrypt Authority X3
   Issuer  CN: DST Root CA X3
 SAN dNSName: console.centralnic.com
 SAN dNSName: eppgw-admin.centralnic.com
 SAN dNSName: manage.centralnic.com
 SAN dNSName: ote-console.centralnic.com
 SAN dNSName: ote-registry-api.centralnic.com
 SAN dNSName: rdap-ote.centralnic.com
 SAN dNSName: rdap.centralnic.com
 SAN dNSName: registrar-console.centralnic.com
 SAN dNSName: registrar-ftp.centralnic.com
 SAN dNSName: registry-api.centralnic.com
 SAN dNSName: search-whois-xmlrpc.centralnic.com
 SAN dNSName: search-whois.centralnic.com
 SAN dNSName: sni-ote.centralnic.com
 SAN dNSName: sni.centralnic.com
 SAN dNSName: whois-ote.centralnic.com
 SAN dNSName: whois.centralnic.com
DANE TLSA 2 1 1 [60b87575447d...] matched TA certificate at depth 1
Verified peername: rdap.centralnic.com
Validated Certificate chain:
 0 Subject CN: console.centralnic.com
   Issuer  CN: Let's Encrypt Authority X3
 1 Subject CN: Let's Encrypt Authority X3
   Issuer  CN: DST Root CA X3
 SAN dNSName: console.centralnic.com
 SAN dNSName: eppgw-admin.centralnic.com
 SAN dNSName: manage.centralnic.com
 SAN dNSName: ote-console.centralnic.com
 SAN dNSName: ote-registry-api.centralnic.com
 SAN dNSName: rdap-ote.centralnic.com
 SAN dNSName: rdap.centralnic.com
 SAN dNSName: registrar-console.centralnic.com
 SAN dNSName: registrar-ftp.centralnic.com
 SAN dNSName: registry-api.centralnic.com
 SAN dNSName: search-whois-xmlrpc.centralnic.com
 SAN dNSName: search-whois.centralnic.com
 SAN dNSName: sni-ote.centralnic.com
 SAN dNSName: sni.centralnic.com
 SAN dNSName: whois-ote.centralnic.com
 SAN dNSName: whois.centralnic.com

Connecting to IPv4 address: 119.252.181.110 port 443
TLSv1.2 handshake succeeded.
Cipher: TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Peer Certificate chain:
 0 Subject CN: console.centralnic.com
   Issuer  CN: Let's Encrypt Authority X3
 1 Subject CN: Let's Encrypt Authority X3
   Issuer  CN: DST Root CA X3
 SAN dNSName: console.centralnic.com
 SAN dNSName: eppgw-admin.centralnic.com
 SAN dNSName: manage.centralnic.com
 SAN dNSName: ote-console.centralnic.com
 SAN dNSName: ote-registry-api.centralnic.com
 SAN dNSName: rdap-ote.centralnic.com
 SAN dNSName: rdap.centralnic.com
 SAN dNSName: registrar-console.centralnic.com
 SAN dNSName: registrar-ftp.centralnic.com
 SAN dNSName: registry-api.centralnic.com
 SAN dNSName: search-whois-xmlrpc.centralnic.com
 SAN dNSName: search-whois.centralnic.com
 SAN dNSName: sni-ote.centralnic.com
 SAN dNSName: sni.centralnic.com
 SAN dNSName: whois-ote.centralnic.com
 SAN dNSName: whois.centralnic.com
DANE TLSA 2 1 1 [60b87575447d...] matched TA certificate at depth 1
Verified peername: rdap.centralnic.com
Validated Certificate chain:
 0 Subject CN: console.centralnic.com
   Issuer  CN: Let's Encrypt Authority X3
 1 Subject CN: Let's Encrypt Authority X3
   Issuer  CN: DST Root CA X3
 SAN dNSName: console.centralnic.com
 SAN dNSName: eppgw-admin.centralnic.com
 SAN dNSName: manage.centralnic.com
 SAN dNSName: ote-console.centralnic.com
 SAN dNSName: ote-registry-api.centralnic.com
 SAN dNSName: rdap-ote.centralnic.com
 SAN dNSName: rdap.centralnic.com
 SAN dNSName: registrar-console.centralnic.com
 SAN dNSName: registrar-ftp.centralnic.com
 SAN dNSName: registry-api.centralnic.com
 SAN dNSName: search-whois-xmlrpc.centralnic.com
 SAN dNSName: search-whois.centralnic.com
 SAN dNSName: sni-ote.centralnic.com
 SAN dNSName: sni.centralnic.com
 SAN dNSName: whois-ote.centralnic.com
 SAN dNSName: whois.centralnic.com

[0] Authentication succeeded for all (4) peers.




Check another DANE service?


Other DANE Tools


References