SSL-Tools

SSL check results of raab-consult.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for raab-consult.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 14 Apr 2021 09:55:02 +0000

The mailservers of raab-consult.de can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @raab-consult.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.raab-consult.de
134.119.39.91
 10
supported
cloud02.raab-consult.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
12 s

Outgoing Mails

We have received emails from these servers with @raab-consult.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mail.raab-consult.net (134.119.39.91)
TLSv1.2 AECDH-AES256-SHA

Certificates

First seen at:

CN=cloud02.raab-consult.net

Certificate chain
Subject
Common Name (CN)
  • cloud02.raab-consult.net
Alternative Names
  • cloud02.raab-consult.net
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • Encryption Everywhere DV TLS CA - G1
validity period
Not valid before
2020-10-19
Not valid after
2021-10-19
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
B1:B7:E1:51:C0:E7:CD:D5:98:A9:83:35:80:71:33:BD:20:D0:62:89:C1:8C:30:8F:51:24:C6:A6:91:85:83:C4
SHA1
B2:30:F0:A7:E5:FF:18:7D:E0:E1:0C:DE:85:30:88:A8:7D:10:03:BE
X509v3 extensions
authorityKeyIdentifier
  • keyid:55:74:4F:B2:72:4F:F5:60:BA:50:D1:D7:E6:51:5C:9A:01:87:1A:D7
subjectKeyIdentifier
  • 25:42:12:80:60:FC:B2:29:AB:9D:65:1E:EF:C7:81:68:38:5D:5A:E1
certificatePolicies
  • Policy: 2.16.840.1.114412.1.2
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • OCSP - URI:http://ocsp.digicert.com
  • CA Issuers - URI:http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Oct 19 09:21:06.122 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:24:BA:A5:40:C2:57:02:1E:F7:70:19:10:
  • 3C:CE:C8:D7:FE:6C:76:85:34:9F:BE:DB:9A:4B:E9:24:
  • 4E:31:F0:74:02:20:1D:8B:1A:9F:23:06:97:3F:6C:E2:
  • 92:01:D0:E0:C1:60:FA:F2:DF:2A:19:D4:EE:51:03:96:
  • 0A:C3:6A:E2:53:AA
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
  • 37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
  • Timestamp : Oct 19 09:21:06.193 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:B8:D1:B7:BE:FC:23:F1:B9:81:27:60:
  • B6:64:75:84:75:03:1B:CB:73:8D:38:81:22:C8:86:94:
  • 12:A6:7B:9C:CA:02:21:00:87:0C:E8:66:3E:7E:DB:FA:
  • 3C:C3:76:51:2C:E9:93:A1:D2:E5:68:17:92:DB:3D:3E:
  • 5A:18:15:07:0E:3F:60:2B