SSL-Tools

SSL check results of nandlnet.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for nandlnet.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 03 Aug 2025 06:10:31 +0000

The mailservers of nandlnet.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @nandlnet.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.nandlnet.de
88.133.48.245
 10
supported
buero.nandlnet.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
12 s
rcw-mx.namemaster.de
81.209.154.151
Results incomplete
25
supported
not checked
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @nandlnet.de address so far. Test mail delivery

Certificates

First seen at:

CN=buero.nandlnet.de

Certificate chain
  • buero.nandlnet.de
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • buero.nandlnet.de
Alternative Names
  • ad.nandlnet.de
  • buero.nandlnet.de
  • himbee.nandlnet.de
  • imap.chalissa.de
  • imap.nandlnet.de
  • mail.chalissa.de
  • mail.nandlnet.de
  • nand-nethserver.nandlnet.de
  • nethserver.nandlnet.de
  • openzwo.nandlnet.de
  • pop3.nandlnet.de
  • smtp.chalissa.de
  • smtp.nandlnet.de
  • www.nandlnet.de
  • zitrone.nandlnet.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2025-07-08
Not valid after
2025-10-06
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
C9:21:67:C7:27:05:80:2F:9D:27:B9:E9:54:A8:77:08:5C:0F:62:47:AC:FA:BB:50:59:46:E4:DC:8A:1B:6A:FF
SHA1
DD:1B:14:07:1A:D3:B3:19:AF:6A:B4:90:E4:FD:34:48:47:A8:46:CD
X509v3 extensions
subjectKeyIdentifier
  • 4F:90:71:E9:35:18:DA:F7:4D:D9:E0:5E:F4:8A:7E:E7:23:0E:AD:0A
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r10.c.lencr.org/112.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Jul 8 20:52:57.982 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:40:B3:46:0C:0B:0A:AF:9F:B9:4D:FF:D5:
  • FF:74:76:CF:0C:29:11:A4:25:5C:3C:60:53:D4:22:6B:
  • C5:D4:13:45:02:20:76:FB:ED:D6:EB:48:3D:53:AA:0C:
  • 58:7D:3F:AB:F7:18:FD:D2:09:D7:62:E2:F7:7D:D3:3F:
  • F9:93:2D:38:41:6E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Jul 8 20:52:59.943 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:9D:04:2C:11:C4:A4:25:AF:97:45:BA:
  • 18:F7:B1:1A:90:58:86:06:87:8F:1C:AB:6B:EC:FF:01:
  • 2F:49:7C:09:FD:02:20:3D:30:16:31:8B:B8:A8:4E:36:
  • F8:83:2A:6F:19:37:E6:34:34:EB:C8:26:60:47:B1:B5:
  • 81:2E:BE:2B:E2:D6:69