SSL-Tools

SSL check results of helmutschupp.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for helmutschupp.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 26 May 2022 14:26:48 +0000

The mailservers of helmutschupp.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @helmutschupp.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1-prod-de-fsn1-pve1.schupp.io
2a01:4f8:252:430::1:1
 10
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mx1-prod-de-fsn1-pve1.schupp.io
138.201.23.160
 10
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mx2-prod-de-fsn1-pve1.schupp.io
2a01:4f8:252:430::1:2
 20
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mx2-prod-de-fsn1-pve1.schupp.io
138.201.23.161
 20
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mx3-prod-de-nbg1.schupp.io
2a01:4f8:c2c:c041::1:3
 30
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mx3-prod-de-nbg1.schupp.io
116.203.135.109
 30
supported
*.schupp.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @helmutschupp.de address so far. Test mail delivery

Certificates

First seen at:

CN=*.schupp.io

Certificate chain
  • *.schupp.io
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • AlphaSSL CA - SHA256 - G2
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • GlobalSign (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • *.schupp.io
Alternative Names
  • *.schupp.io
  • schupp.io
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • AlphaSSL CA - SHA256 - G2
validity period
Not valid before
2022-05-25
Not valid after
2023-06-26
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
69:15:00:81:D2:1A:00:03:96:39:D0:2B:A0:35:A7:B4:C7:37:84:5B:FE:59:B1:00:A6:EA:F5:67:A5:D5:94:9D
SHA1
0A:68:1E:64:5D:2B:29:33:64:86:D5:E6:90:49:0F:F5:89:4A:FB:B5
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure.globalsign.com/cacert/gsalphasha2g2r1.crt
  • OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2
certificatePolicies
  • Policy: 1.3.6.1.4.1.4146.1.10.10
  • CPS: https://www.globalsign.com/repository/
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl.globalsign.com/gs/gsalphasha2g2.crl
authorityKeyIdentifier
  • keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7
subjectKeyIdentifier
  • 8A:06:1D:CF:E6:33:E3:2E:6D:B4:10:C0:C7:B0:53:0F:D6:BF:7F:56
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
  • 03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
  • Timestamp : May 25 22:04:12.690 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:E8:A1:13:77:CE:F9:C7:2A:E0:19:AC:
  • 47:4C:CA:47:25:80:8E:DC:87:B6:93:99:54:D5:57:7D:
  • D6:3E:B6:25:DA:02:21:00:EA:34:EA:24:E3:95:40:39:
  • E0:DC:2F:C7:B5:97:B6:21:B3:2F:8F:B0:7B:9D:89:67:
  • 9E:44:38:04:41:4A:8D:32
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : May 25 22:04:12.042 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:0E:DD:2F:69:B4:52:21:7A:E6:5F:2A:1A:
  • E5:72:37:C8:92:E5:FC:C1:4F:66:B5:BD:3C:1C:8B:B5:
  • 58:E1:4E:88:02:20:0D:8D:31:31:00:67:BF:CB:6F:C4:
  • E3:7B:56:C1:AB:FB:23:50:B1:ED:1B:70:49:B8:3A:F3:
  • EE:42:2F:A3:A0:7D
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 35:CF:19:1B:BF:B1:6C:57:BF:0F:AD:4C:6D:42:CB:BB:
  • B6:27:20:26:51:EA:3F:E1:2A:EF:A8:03:C3:3B:D6:4C
  • Timestamp : May 25 22:04:12.441 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:B8:49:4D:F4:54:74:E1:9E:8F:04:11:
  • ED:79:83:A4:9F:3F:FB:7F:B6:ED:CA:C3:74:CB:92:33:
  • C4:A9:B4:FD:95:02:21:00:C6:4D:72:C5:B0:F6:70:32:
  • F2:56:2A:25:55:3A:46:06:8B:EF:86:E6:8B:87:40:CC:
  • 66:19:47:CB:94:3B:8E:5E

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx3-prod-de-nbg1.schupp.io
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx3-prod-de-nbg1.schupp.io
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx1-prod-de-fsn1-pve1.schupp.io
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx1-prod-de-fsn1-pve1.schupp.io
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx2-prod-de-fsn1-pve1.schupp.io
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx2-prod-de-fsn1-pve1.schupp.io
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid