SSL-Tools

SSL check results of hkelectric.com

NEW You can also bulk check multiple servers.

Discover if the mail servers for hkelectric.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 23 Aug 2020 01:57:25 +0000

We can not guarantee a secure connection to the mailservers of hkelectric.com!

Please contact the operator of hkelectric.com and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/hkelectric.com

Servers

Incoming Mails

These servers are responsible for incoming mails to @hkelectric.com addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mailgw4.hkelectric.com
210.3.21.247
 50
supported
mailgw1.hkelectric.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
23 s
mailgw1.hkelectric.com
210.3.21.161
Results incomplete
50
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
mailgw3.hkelectric.com
210.3.21.243
 50
supported
mailgw1.hkelectric.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
21 s
mailgw2.hkelectric.com
210.3.21.162
Results incomplete
50
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
relay.on-nets.com
210.0.255.153
Results incomplete
100
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
4 s
relay.on-nets.com
210.0.255.167
Results incomplete
100
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
3 s
relay.on-nets.com
210.0.227.75
Results incomplete
100
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
2 s

Outgoing Mails

We have not received any emails from a @hkelectric.com address so far. Test mail delivery

Certificates

First seen at:

CN=mailgw1.hkelectric.com,OU=IT,O=The Hongkong Electric Co.\, Ltd.,L=Wan Chai,C=HK

Certificate chain
Subject
Country (C)
  • HK
Locality (L)
  • Wan Chai
Organization (O)
  • The Hongkong Electric Co., Ltd.
Organizational Unit (OU)
  • IT
Common Name (CN)
  • mailgw1.hkelectric.com
Alternative Names
  • mailgw2.hkelectric.com
  • mailgw3.hkelectric.com
  • mailgw4.hkelectric.com
  • mailgw1.hkelectric.com
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Common Name (CN)
  • DigiCert SHA2 Secure Server CA
validity period
Not valid before
2019-02-13
Not valid after
2021-02-12
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
57:D5:1C:AC:0F:7F:27:10:8F:13:71:AD:16:A3:33:78:75:76:3F:C7:95:8D:0C:AD:BC:E1:C0:39:9E:E1:80:2A
SHA1
09:0C:D2:86:06:29:06:73:81:1F:DF:5A:C1:E5:84:E4:F0:08:97:BA
X509v3 extensions
authorityKeyIdentifier
  • keyid:0F:80:61:1C:82:31:61:D5:2F:28:E7:8D:46:38:B4:2C:E1:C6:D9:E2
subjectKeyIdentifier
  • C4:AB:E9:99:61:64:39:19:A8:74:81:6A:C8:D8:B0:EF:12:3A:64:03
crlDistributionPoints
  • Full Name:
  • URI:http://crl3.digicert.com/ssca-sha2-g6.crl
  • Full Name:
  • URI:http://crl4.digicert.com/ssca-sha2-g6.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.1.1
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.2
authorityInfoAccess
  • OCSP - URI:http://ocsp.digicert.com
  • CA Issuers - URI:http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:4B:BD:B7:75:CE:60:BA:E1:42:69:1F:AB:E1:9E:66:
  • A3:0F:7E:5F:B0:72:D8:83:00:C4:7B:89:7A:A8:FD:CB
  • Timestamp : Feb 13 08:28:59.401 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:E0:8A:13:29:B8:01:35:80:46:BA:D0:
  • 68:8A:2A:F4:D3:3D:67:83:2D:D5:9F:C3:F1:F0:99:E9:
  • AD:1F:D4:ED:4F:02:20:37:A0:6A:02:45:67:A2:C2:CF:
  • 81:51:C5:52:82:F5:0A:B8:00:79:1E:21:60:6E:47:FF:
  • 7B:C7:18:97:96:EC:C5
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 87:75:BF:E7:59:7C:F8:8C:43:99:5F:BD:F3:6E:FF:56:
  • 8D:47:56:36:FF:4A:B5:60:C1:B4:EA:FF:5E:A0:83:0F
  • Timestamp : Feb 13 08:28:59.611 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:55:1A:81:3A:33:63:9C:B5:C9:B8:E9:1F:
  • 12:FC:4C:55:C8:5A:DA:0C:24:B6:DA:65:4C:FA:2E:5C:
  • D8:57:07:94:02:21:00:82:9A:C5:DB:F0:85:4D:96:DB:
  • B7:19:C1:79:39:3E:CB:06:28:C1:38:4C:66:C9:57:B2:
  • AB:7B:A9:34:DA:B0:5B
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Feb 13 08:28:59.394 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:18:CC:E7:A7:CF:EF:FD:A4:99:5C:B7:DA:
  • F5:36:24:2E:44:3A:BD:CF:0A:7F:4B:B4:F8:98:A5:9C:
  • C3:E9:1C:36:02:20:72:08:06:38:D2:C7:28:8D:D4:16:
  • F1:EC:1B:C8:9A:E3:67:FB:6E:17:51:E6:88:36:18:B5:
  • 47:C7:BB:8A:04:21