Ha. Their EV test (which they say you should be able to connect to, if your browser is "good") uses a certificate that expired Aug 10 2022: https://extended-validation.badssl.com

I actually love this site.

It's a great way to do baseline sanity checking on any service provider you are using or assessing for use. How well they manage and configure certificate functionality is a good indicator of whether they are on top of things generally.

(also a good way to check up on your own internal IT department as well).

lol, their EV cert is expired

If you are looking for some other bad TLS configs, I run a site that augments this at https://badtls.io/.

I am dense and so don’t get what this site is showing me. Can someone explain?

Related: here is my collection of links/domains which are useful, but difficult to search for on Google.

DNS / Networking:

- http://neverssl.com/ - manually trigger a paywall / login screen on public wifi networks

- https://ifconfig.co - Simplest way to get own IP address, especially from scripts.

Web development:

- http://vcap.me, http://lvh.me - Main domain and all subdomains resolve to localhost.

- http://nip.io - Subdomains resolve to that IP Address, e.g. `127.0.0.1.nip.io`

- https://httpstat.us - simple service to generate desired response codes

- https://badssl.com - test SSL client configuration against many invalid certificates

- https://permission.site/ - test various permission requests

Anyone have any other good candidates?

Hmm, Firefox can still connect to some of these.

Used that site recently to implement a cert monitor in just a few minutes than the hours I had planned. Really valueable resource