SSL-Tools

SSL check results of shorted.ch

NEW You can also bulk check multiple servers.

Discover if the mail servers for shorted.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 05 Nov 2024 19:06:41 +0000

The mailservers of shorted.ch can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @shorted.ch addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.atrimaconcepts.ch
2001:1620:768:43::500
 10
supported
mail.atrimaconcepts.ch
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
mail.atrimaconcepts.ch
82.197.161.104
 10
supported
mail.atrimaconcepts.ch
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s

Outgoing Mails

We have not received any emails from a @shorted.ch address so far. Test mail delivery

Certificates

First seen at:

CN=mail.atrimaconcepts.ch

Certificate chain
  • mail.atrimaconcepts.ch
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.atrimaconcepts.ch
Alternative Names
  • mail.atrimaconcepts.ch
  • sogo.atrimaconcepts.ch
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-11-04
Not valid after
2025-02-02
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
CF:11:00:F8:5E:53:D7:38:69:20:A6:8C:54:AF:76:13:8E:BC:ED:CF:28:8D:F8:FA:86:44:03:E7:8F:80:E4:A8
SHA1
40:15:4A:46:87:44:AD:C4:EE:E2:82:CE:C1:6F:5F:9F:34:B9:99:03
X509v3 extensions
subjectKeyIdentifier
  • A9:D9:4C:AF:C6:2A:14:30:A5:50:08:07:E9:CB:77:F3:D3:15:86:3B
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
  • 1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
  • Timestamp : Nov 4 20:40:46.685 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:B4:37:68:42:E5:16:59:17:58:8D:8C:
  • CA:4C:83:B9:41:77:0F:DD:82:D6:A6:94:59:00:4E:EE:
  • 60:A2:BA:51:C6:02:21:00:98:B9:34:18:DC:DB:93:CD:
  • 78:64:EB:B4:AE:1B:16:F2:04:CC:EC:F7:C0:4B:A0:E0:
  • AB:AF:30:76:3E:BF:73:AA
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
  • 16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
  • Timestamp : Nov 4 20:40:46.883 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:6C:3F:97:DF:8C:CA:8A:D9:20:CB:7C:2F:
  • 1F:7C:E0:0F:AD:F0:7A:8F:6C:09:99:7B:C6:D8:0B:C1:
  • 94:38:7D:47:02:21:00:E8:E0:1A:81:CF:1E:94:3C:61:
  • DA:C8:31:C6:20:0C:3E:F1:0F:24:9D:87:B0:FE:E9:9C:
  • 4A:E9:01:4C:80:02:6A

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.atrimaconcepts.ch
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid