SSL-Tools

SSL check results of auren.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for auren.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 09 Oct 2024 00:30:40 +0000

The mailservers of auren.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @auren.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mailin12.prod.datevnet.de
2a00:e50:f155:7::d9
 0
supported
mailin11.prod.datevnet.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s
mailin12.prod.datevnet.de
193.27.49.217
 0
supported
mailin11.prod.datevnet.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s
mailin11.prod.datevnet.com
2a00:e50:f155:7::d8
 0
supported
mailin11.prod.datevnet.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s
mailin11.prod.datevnet.com
193.27.49.216
 0
supported
mailin11.prod.datevnet.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s

Outgoing Mails

We have not received any emails from a @auren.de address so far. Test mail delivery

Certificates

First seen at:

CN=mailin11.prod.datevnet.com,O=DATEV eG,L=Nürnberg,ST=Bayern,C=DE

Certificate chain
Subject
Country (C)
  • DE
State (ST)
  • Bayern
Locality (L)
  • Nürnberg
Organization (O)
  • DATEV eG
Common Name (CN)
  • mailin11.prod.datevnet.com
Alternative Names
  • mailin11.prod.datevnet.com
  • mailin12.prod.datevnet.de
  • maildomain.datevnet.de
  • maildomain.datevnet.com
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • Thawte TLS RSA CA G1
validity period
Not valid before
2024-06-17
Not valid after
2025-06-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Agreement
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
19:8B:56:C4:FA:89:7B:3F:B8:3C:97:A5:56:36:DF:C7:48:67:DD:B2:69:90:D1:29:2E:59:67:8B:3A:76:C7:22
SHA1
7D:DE:D9:21:12:A2:FA:43:A4:82:6F:A1:A7:22:D0:17:22:2F:8D:57
X509v3 extensions
authorityKeyIdentifier
  • keyid:A5:8C:FE:32:CC:EB:0F:2C:D4:19:C6:08:B8:00:24:88:5D:C3:C5:B7
subjectKeyIdentifier
  • 9A:4D:84:A8:0B:DD:1E:A3:F2:40:B3:1A:FD:5E:47:35:00:BB:1C:F7
certificatePolicies
  • Policy: 2.23.140.1.2.2
  • CPS: http://www.digicert.com/CPS
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.thawte.com/ThawteTLSRSACAG1.crl
authorityInfoAccess
  • OCSP - URI:http://status.thawte.com
  • CA Issuers - URI:http://cacerts.thawte.com/ThawteTLSRSACAG1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
  • 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
  • Timestamp : Jun 17 13:52:05.258 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1A:7B:10:75:A0:5B:7C:5D:60:2B:A7:4C:
  • 8D:9E:40:10:BD:86:32:F1:66:75:A4:D7:93:F7:B0:5C:
  • 5C:AB:AE:2B:02:20:60:9F:7B:01:8A:8C:95:33:3B:BC:
  • CC:35:7B:97:67:D3:95:B5:E7:DC:99:7C:AB:CD:94:0A:
  • 9D:30:B6:FE:68:66
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
  • 87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
  • Timestamp : Jun 17 13:52:05.205 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:48:F3:5F:4B:4B:F0:FD:18:31:35:86:1B:
  • 91:43:F6:A3:F2:BB:59:F8:10:39:68:B0:DF:45:74:6E:
  • AB:07:E2:04:02:20:1C:3D:53:12:7B:C0:B7:6D:6B:DE:
  • 0E:E7:74:26:8F:90:A5:3B:31:C9:3C:1B:01:65:D5:D1:
  • 31:17:5A:8E:77:F2
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
  • D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
  • Timestamp : Jun 17 13:52:05.371 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:03:06:08:0C:58:DB:05:11:A5:23:75:9F:
  • 25:50:AF:B7:2D:92:6A:CF:04:B8:50:D3:42:EF:00:C7:
  • 04:62:48:43:02:20:77:BE:32:4E:36:D0:4E:13:BC:96:
  • AD:C6:9B:84:63:0D:C3:5E:CB:4C:48:80:12:B1:67:CB:
  • D9:8A:A4:05:E5:86

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mailin12.prod.datevnet.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mailin12.prod.datevnet.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mailin11.prod.datevnet.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mailin11.prod.datevnet.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid