bgn-it.de - TLS / STARTTLS Test

Discover if the mail servers for bgn-it.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 01 May 2025 14:17:30 +0000

Certificates

Problems found
Protocol

Problems found
DANE

Missing

We can not guarantee a secure connection to the mailservers of bgn-it.de!

Please contact the operator of bgn-it.de and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/bgn-it.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @bgn-it.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.bgn-it.de 2a01:4f8:212:aa1::3	10	supported	mail.nitzler.de	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-05-01 1 s
mail.bgn-it.de 136.243.42.165 Results incomplete	10	unsupported	not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2025-05-01 1 s

Outgoing Mails

We have not received any emails from a @bgn-it.de address so far. Test mail delivery

Certificates

First seen at: 2025-05-01

CN=mail.nitzler.de

Certificate chain

mail.nitzler.de
- 2025-07-30 remaining
- 4096 bit
- sha256WithRSAEncryption
- Hostname Mismatch

Subject

Common Name (CN)

mail.nitzler.de

Alternative Names

imap.bgn-it.de
imap.nitzler.de
mail.nitzler.de
smtp.bgn-it.de
smtp.nitzler.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-05-01
Not valid after: 2025-07-30

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 6C:C0:57:FE:E3:CC:F3:40:76:F9:5B:5C:51:40:F2:D8:3B:B2:62:BA:D6:52:CC:90:3B:1E:24:87:EA:30:70:2F
SHA1: EC:FD:6F:41:90:A7:BC:10:91:B2:B9:D7:18:7C:53:6B:8C:C1:86:ED

X509v3 extensions

subjectKeyIdentifier

C1:7C:4B:EC:2F:FF:EC:D9:F4:1A:7E:B0:77:2D:38:53:A6:B3:88:19

authorityKeyIdentifier

keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9

authorityInfoAccess

OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://r11.c.lencr.org/42.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
Timestamp : May 1 12:35:24.861 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:0E:25:68:1A:DA:D2:F5:D3:04:3A:A7:53:
16:BB:3B:E5:DB:05:A0:9E:FD:B3:B0:71:28:32:93:1C:
9E:E2:2B:1B:02:20:73:1F:26:3C:DE:D7:24:3F:FC:9D:
D3:61:ED:BC:9F:F6:3B:F1:89:16:CE:66:98:6F:CE:3F:
D9:95:11:1A:60:F2
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : AF:18:1A:28:D6:8C:A3:E0:A9:8A:4C:9C:67:AB:09:F8:
BB:BC:22:BA:AE:BC:B1:38:A3:A1:9D:D3:F9:B6:03:0D
Timestamp : May 1 12:35:25.709 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:A3:81:E9:EE:1F:9F:0F:27:46:FE:2F:
87:E7:C5:65:D8:6A:27:F7:04:3F:8E:DC:2B:B2:28:73:
7D:0E:6B:30:91:02:21:00:BD:67:C4:3B:AA:8A:98:18:
19:40:F0:93:4F:90:4A:58:75:7B:45:F9:E2:F6:D6:15:
65:D0:01:B4:24:D5:0E:CA

SSL check results of bgn-it.de