SSL-Tools

SSL check results of innoxy.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for innoxy.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 27 Apr 2024 05:40:25 +0000

The mailservers of innoxy.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @innoxy.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
msmx02.innoxy.net
2402:1f00:8102:100::459
 10
supported
msmx02.innoxy.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
16 s
msmx02.innoxy.net
139.99.221.94
 10
supported
msmx02.innoxy.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
17 s
msmx01.innoxy.net
2001:41d0:701:1000::1bc5
 10
supported
msmx01.innoxy.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s
msmx01.innoxy.net
135.125.134.164
 10
supported
msmx01.innoxy.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @innoxy.net address so far. Test mail delivery

Certificates

First seen at:

CN=msmx02.innoxy.net

Certificate chain
  • msmx02.innoxy.net
    • remaining
    • 384 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • msmx02.innoxy.net
Alternative Names
  • msmx02.innoxy.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-04-14
Not valid after
2024-07-13
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
12:CD:CB:7A:D4:19:9C:72:13:3D:44:E8:0A:1E:31:99:00:7A:C7:E0:05:F7:EB:2C:B0:72:10:91:75:C5:EB:5F
SHA1
E8:BB:99:15:26:4F:4D:C7:A8:E8:06:27:DC:7C:9C:83:3C:8C:0B:E5
X509v3 extensions
subjectKeyIdentifier
  • A7:60:E9:8D:AF:A9:C5:0B:B4:48:66:02:B7:13:8C:81:E2:BB:2D:31
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Apr 14 22:48:19.981 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:4F:26:E9:F1:18:7B:C1:E6:57:72:8C:38:
  • CA:85:E4:2A:D8:FE:CC:8A:43:8C:D7:8E:FA:EB:9E:62:
  • 75:86:03:1A:02:21:00:C6:61:10:F6:D6:D1:20:53:12:
  • 3E:97:67:08:A0:36:1B:F6:97:27:25:36:85:8B:68:40:
  • 67:2C:D3:90:C8:F1:05
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Apr 14 22:48:19.982 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:65:81:FF:F2:97:8F:F1:54:1F:1C:3B:8B:
  • 72:29:B3:85:CB:B7:73:E8:84:D0:45:7F:44:AD:12:8E:
  • 1C:B1:A4:66:02:21:00:9E:5F:07:4E:41:3B:44:FF:3A:
  • B0:B4:B3:94:97:7B:02:CA:83:00:49:EA:43:46:33:9B:
  • 70:98:D7:48:F2:44:28
tlsfeature
  • status_request
First seen at:

CN=msmx01.innoxy.net

Certificate chain
  • msmx01.innoxy.net
    • remaining
    • 384 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • msmx01.innoxy.net
Alternative Names
  • msmx01.innoxy.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-24
Not valid after
2024-06-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
12:31:D1:24:DE:50:8E:16:7E:78:18:87:51:46:39:B6:00:0C:40:EE:04:D0:AB:7A:81:38:6A:6B:83:BF:7D:18
SHA1
C9:58:4B:9B:03:B8:AD:BB:FA:02:80:C2:C3:FD:B1:13:5A:D3:E5:CA
X509v3 extensions
subjectKeyIdentifier
  • AF:82:97:B3:D0:E6:58:AA:4D:03:04:43:5D:8D:11:CD:2E:51:4B:C3
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Mar 24 23:46:42.066 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:BA:46:9D:5A:28:B8:A1:19:68:4C:00:
  • C6:EF:10:B0:3D:72:6F:22:13:1F:91:72:A8:37:7E:17:
  • FF:69:D4:0A:69:02:21:00:F9:98:26:C1:2B:23:D1:AF:
  • 3D:38:70:96:26:67:B9:84:CF:6E:EB:98:01:A3:B0:78:
  • 76:C2:1F:C4:56:BD:B0:3E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
  • 65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
  • Timestamp : Mar 24 23:46:44.112 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:0B:BB:76:0C:7B:E5:EB:37:11:C4:BF:BB:
  • 52:A5:27:AC:70:11:BE:C3:42:02:E4:48:7F:34:75:E3:
  • 04:BF:D4:0C:02:21:00:CB:7D:E2:46:F2:10:86:65:E0:
  • 74:32:88:2E:6C:0C:0F:99:52:8E:8B:51:FA:12:DF:86:
  • 01:57:0E:73:1B:46:59
tlsfeature
  • status_request

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.msmx02.innoxy.net
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.msmx02.innoxy.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.msmx01.innoxy.net
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.msmx01.innoxy.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid