Summary of cfamedical.com:443 (HTTPS) SSL Security Test
Provided "as is" without any warranty of any kind.
This test was made 2698 days ago and may be outdated
Refresh Test
Date/Time:Dec 30th, 2018 09:14 GMT+0
Source IP/Port:208.79.80.140:443
Protocol:HTTPS
Location:Raleigh, United States
Your final score:
- A
- B
- C
- F
F
Executive Summary for cfamedical.com
- 1 SSL/TLS end-entity certificate(s) detected: the first certificate is a trusted RSA 2048 bits certificate with issuer Starfield Secure Certificate Authority - G2 valid until August 22, 2020. 2 certificate chain(s) detected. Show details.
- 7 of 17 supported cipher suites are not compliant with PCI DSS. The server supports only PCI DSS non-compliant protocols: SSLv3 and TLSv1.0. All supported elliptic curves are compliant with PCI DSS: P-256. There are 1 more issue(s) which make the server non-compliant with PCI DSS: poodle over ssl. Show details.
- 11 of 17 supported cipher suites are not compliant with NIST and HIPAA. The server supports NIST and HIPAA compliant protocols (TLSv1.0) as well as non-compliant protocols (SSLv3). All supported elliptic curves are compliant with NIST and HIPAA: P-256. There are 2 more issue(s) which make the server non-compliant with NIST and HIPAA: server does not support OCSP stapling, server does not support tlsv1.1. Show details.
- 5 issue(s) related to industry best practices were identified: certificates have been signed for more than 3 years, server does not support TLS 1.3, server prefers weak cipher suites, server does not prefer cipher suites providing PFS, server does not provide HSTS. Show details.
