HTTPSWatch (Canada)

HTTPSWatch tracks the HTTPS support of prominent websites. Click to show details about a site’s HTTPS support. See the About page for more information.

Newspapers

3/0/0
Newspapers Canada (www.newspaperscanada.ca) Bad
  • connect() to port 443 times out.
Tell Newspapers Canada they should improve their HTTPS support:
National Post (www.nationalpost.com) Bad
  • Certificate hostname verification fails.
Tell National Post they should improve their HTTPS support:
Theg Globe And Mail (www.theglobeandmail.com) Bad
  • A verified TLS connection can be established. SSL Labs grade is A.
  • The HTML page loaded over HTTPS has mixed content.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell Theg Globe And Mail they should improve their HTTPS support:

News

5/1/0
CBC Canadian News (www.cbc.ca) Bad
Tell CBC Canadian News they should improve their HTTPS support:
CTV News (www.ctvnews.ca) Bad
Tell CTV News they should improve their HTTPS support:
Global News (globalnews.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A.
  • The HTTPS site redirects to HTTP.
Tell Global News they should improve their HTTPS support:
Toronto Star (www.thestar.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Toronto Star they should improve their HTTPS support:
Metro News (metronews.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A.
  • The HTML page loaded over HTTPS has mixed content.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell Metro News they should improve their HTTPS support:
CBC/Radio-Canada (www.cbc.radio-canada.ca) Bad
  • Certificate hostname verification fails.
Tell CBC/Radio-Canada they should improve their HTTPS support:

Banks

5/5/0
Royal Canadian Mint (www.mint.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A.
  • The HTTPS site redirects to HTTP.
Tell Royal Canadian Mint they should improve their HTTPS support:
TD Canada Trust (easyweb.td.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell TD Canada Trust they should improve their HTTPS support:
RBC Royal Bank (www.rbcroyalbank.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A-.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell RBC Royal Bank they should improve their HTTPS support:
Canadian Imperial Bank of Commerce (www.cibc.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Canadian Imperial Bank of Commerce they should improve their HTTPS support:
Scotiabank (www2.scotiaonline.scotiabank.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A-.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Scotiabank they should improve their HTTPS support:
Bank of Canada (www.bankofcanada.ca) Bad
  • Certificate hostname verification fails.
Tell Bank of Canada they should improve their HTTPS support:
Business Development Bank of Canada (www.bdc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Tell Business Development Bank of Canada they should improve their HTTPS support:
Canada Deposit Insurance Corporation (www.cdic.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A.
  • The HTML page loaded over HTTPS has mixed content.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell Canada Deposit Insurance Corporation they should improve their HTTPS support:
Canada Mortgage and Housing Corporation (www.cmhc-schl.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Canada Mortgage and Housing Corporation they should improve their HTTPS support:
Competition Bureau Canada (www.competitionbureau.gc.ca) Bad
  • Certificate hostname verification fails.

Travel

0/4/0
Travel.gc.ca (travel.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Travel.gc.ca they should improve their HTTPS support:
Canadian Tourism Commission (en-corporate.canada.travel) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Presto Card (www.prestocard.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Presto Card they should improve their HTTPS support:
Canadian Tourism Commission (en-corporate.canada.travel) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Canadian Tourism Commission they should improve their HTTPS support:

Universities/College

3/4/1
Queen's University (www.queensu.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell Queen's University they should improve their HTTPS support:
Brock University (www.brocku.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Brock University they should improve their HTTPS support:
Laurentian University (laurentian.ca) Bad
Tell Laurentian University they should improve their HTTPS support:
Trent University (www.trentu.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Trent University they should improve their HTTPS support:
University Of Toronto (www.utoronto.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank University Of Toronto for providing high quality HTTPS:
University of Windsor (www.uwindsor.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A-.
  • The HTTPS site redirects to HTTP.
Tell University of Windsor they should improve their HTTPS support:
Canadian Police College (www.cpc-ccp.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Royal Military College of Canada (www.rmc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site doesn't redirect to HTTPS.
Tell Royal Military College of Canada they should improve their HTTPS support:

Government & Public Sector

23/5/1
Canada Revenue Agency (cms-sgj.cra-arc.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A-.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • Nothing is listening on port 80
Tell Canada Revenue Agency they should improve their HTTPS support:
Aboriginal Business Canada (www.aadnc-aandc.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Canadian Security Intelligence Service (www.csis-scrs.gc.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Canada Agricultural Review Tribunal (cart-crac.gc.ca) Bad
  • connect() returns with error ECONNRESET.
Courts Administration Service (cas-ncr-nter03.cas-satj.gc.ca) Bad
  • A TLS-related error (None) occurs when trying to connect.
Federal Economic Development Initiative for Northern Ontario (FedNor) (fednor.gc.ca) Bad
  • Certificate hostname verification fails.
Commissioner of Lobbying of Canada (ocl-cal.gc.ca) Bad
  • Certificate hostname verification fails.
Patented Medicine Prices Review Board Canada (pmprb-cepmb.gc.ca) Bad
  • Certificate hostname verification fails.
Canadian Pari-Mutuel Agency (www.agr.gc.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is C.
  • The HTTPS site redirects to HTTP.
Canadian Centre for Occupational Health and Safety (www.ccohs.ca) Bad
Tell Canadian Centre for Occupational Health and Safety they should improve their HTTPS support:
Canadian Intellectual Property Office (www.cipo.ic.gc.ca) Bad
  • Certificate hostname verification fails.
Defence Construction Canada (www.dcc-cdc.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Tell Defence Construction Canada they should improve their HTTPS support:
Canada Centre for Inland Waters (www.ec.gc.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A.
  • The HTML page loaded over HTTPS has mixed content.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell Canada Centre for Inland Waters they should improve their HTTPS support:
Export Development Canada (www.edc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell Export Development Canada they should improve their HTTPS support:
Health Canada (www.healthycanadians.gc.ca) Bad
  • connect() to port 443 times out.
Tell Health Canada they should improve their HTTPS support:
Nuclear Safety Commission (www.nuclearsafety.gc.ca) Bad
  • Certificate hostname verification fails.
Tell Nuclear Safety Commission they should improve their HTTPS support:
Canadian Nuclear Safety Commission (cnsc-ccsn.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell Canadian Nuclear Safety Commission they should improve their HTTPS support:
Taxpayers' Ombudsman (www.oto-boc.gc.ca) Bad
  • Certificate hostname verification fails.
Parliament of Canada (www.parl.gc.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is C.
  • The HTTPS site returns an error status (404) on request.
Passport Canada (www.passport.gc.ca) Bad
  • Certificate hostname verification fails.
Tell Passport Canada they should improve their HTTPS support:
Indian Oil and Gas Canada (www.pgic-iogc.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Laurentian Pilotage Authority Canada (www.pilotagestlaurent.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Canadian Polar Commission (www.polarcom.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Federal Bridge Corporation (www.pontscanadabridges.ca) Bad
  • DNS lookup failed.
Pacific Pilotage Authority Canada (www.ppa.gc.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A.
  • The HTTPS site redirects to HTTP.
Privacy Commissioner (www.priv.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Public Sector Integrity Commissioner (www.psic.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Canada Firearms Centre (www.rcmp-grc.gc.ca) Bad
  • Nothing is listening on port 443.
Communications Security Establishment (www.cse-cst.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.

Tech Companies

2/4/0
Rogers Communications (www.rogers.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell Rogers Communications they should improve their HTTPS support:
Bell Canada (www.bell.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Tell Bell Canada they should improve their HTTPS support:
Telus (www.telus.com) Bad
  • A verified TLS connection can be established. SSL Labs grade is A-.
  • The HTTPS site redirects to HTTP.
Tell Telus they should improve their HTTPS support:
Tek Savvy (teksavvy.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Tek Savvy they should improve their HTTPS support:
Industrial Technologies Office (www.ic.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Infrastructure Canada (www.infrastructure.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.

Canadian Museum

8/1/0
Canadian Museum of Contemporary Photography (cmcp.gallery.ca) Bad
  • Certificate hostname verification fails.
Canadian Museum for Human Rights (humanrights.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Canadian Museum of Nature (nature.ca) Bad
Currency Museum (www.bankofcanadamuseum.ca) Bad
  • Certificate hostname verification fails.
Canadian Museum of History (www.historymuseum.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is C.
  • The HTTPS site redirects to HTTP.
Virtual Museum of Canada (www.virtualmuseum.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Canadian War Museum (www.warmuseum.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is C.
  • The HTTPS site redirects to HTTP.
Historic Sites and Monuments Board of Canada (www.pc.gc.ca) Bad
Tell Historic Sites and Monuments Board of Canada they should improve their HTTPS support:
Canadian Museum of Immigration at Pier 21 (www.pier21.ca) Bad
Tell Canadian Museum of Immigration at Pier 21 they should improve their HTTPS support:

Canadian Services

8/4/1
Canada Post (www.canadapost.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Canada Post for providing high quality HTTPS:
Canadian Northern Economic Development Agency (www.cannor.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Copyright Board Canada (www.cb-cda.gc.ca) Bad
  • Certificate hostname verification fails.
Canadian Air Transport Security Authority (www.catsa.gc.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A-.
  • The HTTPS site redirects to HTTP.
Canadian Conservation Institute (www.cci-icc.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Canadian International Trade Tribunal (www.citt.gc.ca) Bad
  • connect() to port 443 times out.
Canadian Judicial Council (www.cjc-ccm.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Communications Research Centre Canada (www.crc.gc.ca) Bad
  • Certificate hostname verification fails.
Canadian Race Relations Foundation (www.crr.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is B.
  • The HTTPS site redirects to HTTP.
Farm Credit Canada (www.fcc-fac.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Foreign Affairs, Trade and Development (www.international.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Standards Council of Canada (www.scc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn't redirect to HTTPS.
Canadian Trade Commissioner Service (www.tradecommissioner.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.