SSL-Tools

SSL check results of linuxexpert.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for linuxexpert.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 27 Mar 2021 00:00:47 +0000

The mailservers of linuxexpert.nl can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @linuxexpert.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
ggd1.linuxexpert.nl
2a00:51c0:2::100:1
 10
supported
ggd1.linuxexpert.nl
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
ggd1.linuxexpert.nl
95.215.186.98
 10
supported
ggd1.linuxexpert.nl
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
ggd2.linuxexpert.nl
2a00:51c0:2::100:2
 10
supported
ggd2.linuxexpert.nl
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
ggd2.linuxexpert.nl
95.215.186.99
 10
supported
ggd2.linuxexpert.nl
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s

Outgoing Mails

We have not received any emails from a @linuxexpert.nl address so far. Test mail delivery

Certificates

First seen at:

CN=ggd1.linuxexpert.nl

Certificate chain
  • ggd1.linuxexpert.nl
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption
Subject
Common Name (CN)
  • ggd1.linuxexpert.nl
Alternative Names
  • ggd1.linuxexpert.nl
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2021-03-26
Not valid after
2021-06-24
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
93:A1:97:6E:A1:E8:1F:C1:64:05:72:8B:E5:86:E9:D2:2D:BC:F2:5C:9A:FA:2E:69:B2:1E:04:7C:40:D4:55:7E
SHA1
FA:99:B4:DE:FA:D4:CA:2E:23:53:93:27:5F:AE:CC:2D:A1:95:21:71
X509v3 extensions
subjectKeyIdentifier
  • 58:30:9A:46:03:54:B8:48:2D:1B:4B:71:41:AF:6A:A1:EF:39:A2:02
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 94:20:BC:1E:8E:D5:8D:6C:88:73:1F:82:8B:22:2C:0D:
  • D1:DA:4D:5E:6C:4F:94:3D:61:DB:4E:2F:58:4D:A2:C2
  • Timestamp : Mar 26 23:52:32.383 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:EE:A9:B6:36:5A:45:5F:67:93:06:E8:
  • 74:5B:0A:2E:3B:D0:00:75:A9:A9:C4:2F:34:3F:3D:D0:
  • F4:B7:E8:20:C8:02:21:00:E5:DA:6F:65:0C:E6:88:DC:
  • DF:95:BC:81:63:28:E8:6F:74:51:B1:8C:73:48:25:B7:
  • 0A:6E:C4:CD:3F:EF:E7:AF
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Mar 26 23:52:32.376 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:F0:B1:3A:3E:E5:65:93:A3:15:E2:5D:
  • FC:F5:07:65:BE:0D:5E:D6:D1:95:96:D4:6C:0D:C7:D9:
  • 67:87:C1:14:35:02:21:00:F7:9C:E8:F5:1F:C7:40:BB:
  • 4D:DD:68:3B:60:6E:BD:FE:8D:CA:A0:0D:B5:67:11:65:
  • 81:91:CE:82:6A:FC:FA:1D
First seen at:

CN=ggd2.linuxexpert.nl

Certificate chain
  • ggd2.linuxexpert.nl
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption
Subject
Common Name (CN)
  • ggd2.linuxexpert.nl
Alternative Names
  • ggd2.linuxexpert.nl
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2021-03-26
Not valid after
2021-06-24
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
37:28:1D:E4:BC:36:1C:D1:C1:97:80:09:17:DE:6D:AB:95:D1:A2:25:62:6D:95:BD:A2:C0:2A:A1:17:B3:5D:1B
SHA1
40:E9:B2:77:88:17:CC:5B:DA:88:E4:4F:12:35:C2:E1:2B:2F:FD:78
X509v3 extensions
subjectKeyIdentifier
  • A3:C5:6A:E1:3B:39:74:7D:05:DF:E7:5B:58:FF:95:B6:74:26:51:73
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Mar 26 23:52:33.130 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:23:2F:95:2B:3B:F2:3D:C5:81:D7:EC:D3:
  • 33:BC:84:89:A5:4F:2A:8C:E5:E7:1F:5C:D9:E4:EA:00:
  • DA:0B:F3:06:02:21:00:ED:06:22:0D:16:E6:33:09:8F:
  • 65:A6:95:F6:C4:DC:B7:41:C3:28:32:7E:DB:8D:13:FC:
  • C8:C0:29:1D:EC:3D:AA
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
  • 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
  • Timestamp : Mar 26 23:52:33.165 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:51:F7:EC:1E:70:69:0D:30:D1:7B:86:EA:
  • DA:DF:E1:01:E2:F6:26:4B:A1:7D:F2:8C:84:AB:8E:83:
  • 2B:D0:EC:DA:02:20:39:36:09:A3:D2:EF:18:9D:BB:7C:
  • 82:F4:06:F6:75:D5:8D:BA:AB:C5:17:A7:D2:A8:A1:16:
  • C1:4C:9E:C5:C0:5A

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.ggd1.linuxexpert.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-512 Hash
valid
valid
_25._tcp.ggd2.linuxexpert.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-512 Hash
valid
valid