| 1. General Results, most used to calculate the result |
A | name "113.57.176.32" is ipv4 address, public suffix is not defined
|
A | Good: All ip addresses are public addresses
|
N | https://113.57.176.32:4434/ 113.57.176.32
|
| Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
|
N | https://113.57.176.32:4434/ 113.57.176.32
|
| Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
|
O | Old connection: Tls.1.0 is deprecated, Tls.1.2 should be supported
|
O | Old connection: RSA Key Exchange is unsecure. Use Diffie-Hellman or Elliptic Curve Diffi-Hellmann Key Exchange to support Forward Secrecy
|
O | Old connection: SHA1 as Hash Algorithm is deprecated. Switch to SHA256 or SHA384. If your certificate has SHA256, first check your domain via ssllabs.com and update weak Cipher Suites. Forward Secrecy support is required. The part "Cipher Suites" should have a preference. First Cipher Suite with SHA instead of SHA256 or higher - that's the problem, change that. If that doesn't help, check if there is an old Firewall / router or something else, that supports only SHA1. Update that component.
|
O | 113.57.176.32 / 113.57.176.32 / 4434
|
| Old connection: Ssl3 is insecure and must be disabled.
|
O | 113.57.176.32 / 113.57.176.32 / 4434
|
| Old connection: Ssl3 is insecure and must be disabled.
|
B | No _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.113.57.176.32
|
| 2. Header-Checks (Cross-Origin-* headers are alpha - started 2024-06-05) |
U |
|
| No https result with http status 2** or 4** (standard-check) found, no header checked.
|
| 3. DNS- and NameServer - Checks |
| 4. Content- and Performance-critical Checks |
| http://113.57.176.32:4434/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 113.57.176.32
|
| Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
|
A | Info: No img element found, no alt attribute checked
|
A | Duration: 63780 milliseconds, 63.780 seconds
|