SSL-Tools

SSL check results of robertwolf.dev

NEW You can also bulk check multiple servers.

Discover if the mail servers for robertwolf.dev can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 13 May 2021 18:46:02 +0000

The mailservers of robertwolf.dev can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @robertwolf.dev addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.wolfcast.io
2a03:4000:13:7e2:88d7:8aff:fed4:b5b
 0
supported
mail.wolfcast.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mail.wolfcast.io
188.68.39.130
 0
supported
mail.wolfcast.io
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have received emails from these servers with @robertwolf.dev sender addresses. Test mail delivery

Host TLS Version & Cipher
mail.wolfcast.io (188.68.39.130)
TLSv1.3 TLS_AES_256_GCM_SHA384
unknown (IPv6:2a03:4000:13:7e2:88d7:8aff:fed4:b5b)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=mail.wolfcast.io

Certificate chain
  • mail.wolfcast.io
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption
Subject
Common Name (CN)
  • mail.wolfcast.io
Alternative Names
  • imap.wolfcast.io
  • mail.wolfcast.io
  • smtp.wolfcast.io
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2021-04-23
Not valid after
2021-07-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
AF:2D:C6:FC:61:14:9B:D7:2F:CA:05:EF:7A:71:05:91:6E:07:49:31:44:43:44:DC:53:19:6C:75:BC:A9:35:60
SHA1
94:58:BB:42:12:DE:B3:B8:D2:5C:26:92:8C:6B:77:90:88:13:C5:E0
X509v3 extensions
subjectKeyIdentifier
  • 74:CD:15:CD:46:8A:6A:E1:F4:0D:5B:5F:B0:10:EC:35:4B:0E:D8:88
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
  • 37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
  • Timestamp : Apr 23 01:28:28.713 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:2D:9D:37:E4:B2:A6:51:E9:CF:62:A9:55:
  • 02:D2:67:6C:40:F5:70:AF:D9:AD:DD:4F:30:C8:FD:49:
  • 67:1E:ED:F6:02:21:00:C7:CC:0E:A6:C9:19:C0:07:FA:
  • DD:BD:B8:06:5E:03:19:04:49:41:2B:8C:27:67:05:95:
  • D6:DF:0F:B6:AB:FC:5C
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
  • 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
  • Timestamp : Apr 23 01:28:28.741 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:D7:B4:CB:07:41:05:70:24:D7:B3:FC:
  • 3C:F8:5E:20:71:F3:FB:42:4F:1C:72:33:0E:FB:6D:B9:
  • 20:4E:63:2B:63:02:20:32:FC:54:88:FC:39:5D:BC:24:
  • 05:10:EE:AC:23:F6:9A:0A:D3:8D:C5:AE:BC:D8:5A:B5:
  • 53:3C:8C:6C:25:E6:21

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.wolfcast.io
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.wolfcast.io
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.wolfcast.io
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.wolfcast.io
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail.wolfcast.io
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid