SSL-Tools

SSL check results of booklkv.fi

NEW You can also bulk check multiple servers.

Discover if the mail servers for booklkv.fi can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 09 Oct 2024 00:30:35 +0000

The mailservers of booklkv.fi can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @booklkv.fi addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.f-solutions.fi
2a00:4cc1:16::f25
 10
supported
*.f-solutions.fi
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
mx1.f-solutions.fi
178.213.234.25
 10
supported
*.f-solutions.fi
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx2.f-solutions.fi
2a00:4cc0:22::f25
 20
supported
*.f-solutions.fi
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
4 s
mx2.f-solutions.fi
37.16.126.25
 20
supported
*.f-solutions.fi
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
5 s

Outgoing Mails

We have not received any emails from a @booklkv.fi address so far. Test mail delivery

Certificates

First seen at:

CN=*.f-solutions.fi

Certificate chain
  • *.f-solutions.fi
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • *.f-solutions.fi
Alternative Names
  • *.f-solutions.fi
  • f-solutions.fi
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-09-30
Not valid after
2024-12-29
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
6B:C1:9F:22:89:D2:AF:3F:1D:12:87:F8:84:DA:D5:F8:0E:19:77:81:A7:88:25:D7:AB:DA:3C:53:55:AF:F5:48
SHA1
07:BB:0F:E1:86:96:AB:D5:F8:82:82:88:AA:7B:99:94:7C:D3:A9:4A
X509v3 extensions
subjectKeyIdentifier
  • A8:85:D7:1C:A2:93:7B:29:C5:74:CF:0F:8D:76:2F:A4:FA:F3:B8:B2
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
  • ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
  • Timestamp : Sep 30 21:36:24.919 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:CF:ED:23:19:55:71:10:BD:B0:DA:6D:
  • 2D:B8:F0:B7:70:8A:1F:6B:09:2C:9D:E5:2E:4E:2F:73:
  • 51:BE:70:0F:B0:02:20:31:8D:52:A4:00:3D:8F:37:95:
  • ED:1C:7D:3B:02:51:5B:FD:91:6B:62:F9:5A:C1:B7:90:
  • 2C:04:7C:F9:D4:68:26
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Sep 30 21:36:24.977 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:3B:AF:F9:B7:0F:8E:A9:56:68:E5:33:2F:
  • 79:C3:7B:F1:6F:B6:3D:90:B7:4D:4C:18:BF:80:0C:13:
  • 6F:3F:B2:3D:02:20:6C:43:A6:45:2B:5D:AF:4A:54:DB:
  • 4D:6D:37:5F:EB:E0:8E:D9:7E:AD:54:68:62:6F:9D:E8:
  • B2:75:70:55:7E:BE

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.f-solutions.fi
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-512 Hash
valid
_25._tcp.mx1.f-solutions.fi
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-512 Hash
valid
valid
_25._tcp.mx1.f-solutions.fi
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-512 Hash
valid
_25._tcp.mx1.f-solutions.fi
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-512 Hash
valid
_25._tcp.mx2.f-solutions.fi
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-512 Hash
valid
_25._tcp.mx2.f-solutions.fi
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-512 Hash
valid
valid
_25._tcp.mx2.f-solutions.fi
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-512 Hash
valid
_25._tcp.mx2.f-solutions.fi
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-512 Hash
valid