SSL check results of hk.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for hk.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Mon, 25 May 2020 01:11:41 +0000

The mailservers of hk.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @hk.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail1.rox.net
213.214.0.2
10
supported
smtp.hrb.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mail2.rox.net
213.214.0.1
20
supported
smtp.hrb.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @hk.de address so far. Test mail delivery

Certificates

First seen at:

CN=smtp.hrb.de,OU=IT,O=rockenstein AG,L=Würzburg,C=DE

Certificate chain
Subject
Country (C)
  • DE
Locality (L)
  • Würzburg
Organization (O)
  • rockenstein AG
Organizational Unit (OU)
  • IT
Common Name (CN)
  • smtp.hrb.de
Alternative Names
  • smtp.hrb.de
  • mail2.rox.net
  • smtp.rockenstein.de
  • imap.hrb.de
  • mail1.rox.net
  • mail.rockenstein.de
  • mail.hrb.de
  • pop.rockenstein.de
  • pop3.hrb.de
  • pop3.rockenstein.de
  • imap.rockenstein.de
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • GeoTrust RSA CA 2018
validity period
Not valid before
2020-02-26
Not valid after
2021-04-26
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
D9:30:CC:02:AD:46:08:04:ED:95:53:E0:90:E1:B5:AB:ED:90:62:F1:E6:B7:37:E3:44:D4:AB:24:91:F9:2F:33
SHA1
83:52:0F:66:0A:52:1C:E7:0A:E8:A9:79:AB:4C:0E:FD:03:43:7A:0F
X509v3 extensions
authorityKeyIdentifier
  • keyid:90:58:FF:B0:9C:75:A8:51:54:77:B1:ED:F2:A3:43:16:38:9E:6C:C5
subjectKeyIdentifier
  • 9B:D3:0E:27:36:EA:58:7C:59:A0:D9:D7:E2:66:53:43:F8:1F:0E:A7
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.geotrust.com/GeoTrustRSACA2018.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.1.1
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.2
authorityInfoAccess
  • OCSP - URI:http://status.geotrust.com
  • CA Issuers - URI:http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A:
  • 3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10
  • Timestamp : Feb 26 22:46:04.440 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:E2:41:4A:C8:33:7C:E4:C4:72:CA:30:
  • 1C:01:3E:5C:0A:F6:97:AC:38:1B:3D:6C:1B:7A:D0:ED:
  • D6:AA:1F:87:D6:02:21:00:E6:61:FC:BC:8D:71:66:3E:
  • 62:96:F9:B7:49:F4:B2:04:A6:7D:9E:7B:C8:34:D0:23:
  • F2:1B:09:99:5A:6A:8E:C5
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
  • 37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
  • Timestamp : Feb 26 22:46:04.511 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:31:42:27:C3:F7:50:4C:98:E4:AB:5C:3B:
  • 93:7F:F4:FA:F8:D2:7A:A0:EF:31:3F:CE:D0:17:5E:E9:
  • E0:E7:FD:9A:02:20:3C:B9:03:9A:3D:F8:08:22:F5:DE:
  • B9:A0:1B:1A:23:6D:52:5B:29:B8:9C:CE:1B:DB:A0:F6:
  • EA:1A:21:04:92:71