HTTPS Readiness test


Check here if your site complies with the HTTPS best practices

Domain analysis:

  • Always redirect to same domain (BEST PRACTICE!)
  • IP address:
  • Certificate details

  • Certificate validity period: 1 year(s) > 1 year -- will be refixed by Apple Safari browsers
  • This wildcard SSL Certificate was created for * and is also valid for
  • Certificate issued by GlobalSign nv-sa, of type GlobalSign Atlas R3 DV TLS CA 2022 Q4
  • Certificate start date: Nov 8 19:42:18 2022 GMT
  • Certificate expiration: Dec 10 19:42:17 2023 GMT (in 257 days)
  • Encryption algorithm: TLSv1.3 / TLS_AES_128_GCM_SHA256
  • More certificate details?
  • SSL Labs: get more detailed HTTPS report
  • Mozilla Observatory: get more detailed HTTPS report
  • HTTPS Headers

  • Missing HTTP header x-frame-options - should be SAMEORIGIN
  • HTTP header content-security-policy is wrong - not a valid format - please check
    frame-ancestors 'self' https://*;
  • HTTP header x-xss-protection is OK - cross-scripting protection
  • HTTP header strict-transport-security (HSTS) is OK (24 months valid)
  • For a GDPR-focused review of your domain, use Churlie GDPR Checkup
  • Content details

  • No mixed content: no http files used in the https page
  • How to get https for your site