ssmgen.org - TLS / STARTTLS Test

Discover if the mail servers for ssmgen.org can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 18 Mar 2023 07:45:25 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of ssmgen.org can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @ssmgen.org addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mailgw01.host.it 81.31.144.36	10	supported	*.host.it	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-03-18 2 s
mailgw02.host.it 185.201.64.70	10	supported	*.host.it	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-03-18 2 s

Outgoing Mails

We have not received any emails from a @ssmgen.org address so far. Test mail delivery

Certificates

First seen at: 2022-06-16

CN=*.host.it

Certificate chain

*.host.it
- 2023-06-03 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

*.host.it

Alternative Names

*.host.it
host.it

Issuer

Country (C)

Organization (O)

GlobalSign nv-sa

Common Name (CN)

AlphaSSL CA - SHA256 - G2

validity period

Not valid before: 2022-05-02
Not valid after: 2023-06-03

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 6A:35:1D:DB:82:28:C3:F9:ED:F0:E0:92:24:06:83:B8:5B:F3:5A:40:BA:02:44:E4:F0:2D:6B:3C:4F:61:9B:5A
SHA1: 25:80:61:18:35:A7:83:BA:6D:F9:2F:5D:6F:11:DD:14:8F:E4:B1:53

X509v3 extensions

authorityInfoAccess

CA Issuers - URI:http://secure.globalsign.com/cacert/gsalphasha2g2r1.crt
OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2

certificatePolicies

Policy: 1.3.6.1.4.1.4146.1.10.10
CPS: https://www.globalsign.com/repository/
Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://crl.globalsign.com/gs/gsalphasha2g2.crl

authorityKeyIdentifier

keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7

subjectKeyIdentifier

6F:F8:E7:06:4B:A2:6E:54:7E:14:E4:15:65:BC:10:C1:89:00:D1:50

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
Timestamp : May 2 09:49:23.003 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:2A:4D:25:E3:DF:AF:6E:BC:50:E0:0C:FB:
87:15:41:49:65:C2:E3:91:5D:CC:C6:E7:D5:40:FF:14:
6A:7D:1F:25:02:21:00:CD:69:44:89:6A:87:EF:E5:86:
EA:BD:F7:63:FD:8D:83:1D:75:C1:AC:10:66:81:8E:E3:
67:42:89:C6:58:3E:CA
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
Timestamp : May 2 09:49:22.207 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:A6:14:AE:CD:52:67:40:0D:BE:6E:5C:
B3:F1:37:BD:97:CE:B5:6F:48:09:BB:14:1E:87:8D:D3:
80:7D:1F:4C:CB:02:20:55:DF:F3:DC:79:47:0B:56:6F:
64:C2:35:BD:84:FC:DE:A1:3E:E5:BE:86:5B:AF:1C:94:
41:C0:96:71:F6:77:EA
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
Timestamp : May 2 09:49:22.253 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:79:0F:39:4E:25:DB:D5:8F:47:5B:46:2D:
2F:41:79:E3:61:08:B2:4C:F6:77:25:52:25:39:3B:07:
C4:6C:7A:8C:02:20:37:3C:08:3D:CC:60:F1:90:09:27:
0B:41:FC:9A:28:BF:E7:63:51:0F:61:DD:DE:AB:42:25:
40:4E:41:A9:E7:51

SSL check results of ssmgen.org