Summary of amexbillpay22.americanexpress.com:443 (HTTPS) SSL Security Test
Provided "as is" without any warranty of any kind.
This test was made 2467 days ago and may be outdated
Refresh Test
Date/Time:Aug 9th, 2019 19:04 GMT+0
Source IP/Port:139.71.0.119:443
Protocol:HTTPS
Location:Phoenix, United States
Your final score:
- A
- B
- C
- F
C
Executive Summary for amexbillpay22.americanexpress.com
- 1 SSL/TLS end-entity certificate(s) detected: the first certificate is an untrusted RSA 2048 bits certificate with issuer DigiCert SHA2 Secure Server CA valid until April 24, 2019. 1 certificate chain(s) detected. Show details.
- 3 of 21 supported cipher suites are not compliant with PCI DSS. The server supports only PCI DSS compliant protocols: TLSv1.1 and TLSv1.2. All supported elliptic curves are compliant with PCI DSS: P-256. There are 2 more issue(s) which make the server non-compliant with PCI DSS: certificates are untrusted, diffie-hellman parameter weak. Show details.
- 3 of 21 supported cipher suites are not compliant with NIST and HIPAA. The server supports only NIST and HIPAA compliant protocols: TLSv1.1 and TLSv1.2. All supported elliptic curves are compliant with NIST and HIPAA: P-256. There are 2 more issue(s) which make the server non-compliant with NIST and HIPAA: server does not support OCSP stapling, diffie-hellman parameter weak. Show details.
- 2 issue(s) related to industry best practices were identified: server does not support TLS 1.3, server does not provide HSTS. Show details.
