SSL-Tools

SSL check results of ttmab.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for ttmab.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 22 Oct 2024 12:43:56 +0000

The mailservers of ttmab.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @ttmab.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.ttmab.de
89.58.5.245
 10
supported
mail.ttmab.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s

Outgoing Mails

We have not received any emails from a @ttmab.de address so far. Test mail delivery

Certificates

First seen at:

CN=mail.ttmab.de

Certificate chain
  • mail.ttmab.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.ttmab.de
Alternative Names
  • mail.ttmab.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-10-04
Not valid after
2025-01-02
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
87:84:29:49:7B:6F:4E:6B:70:D2:79:5D:76:90:5C:97:08:B6:B2:C0:87:DA:B5:7F:EC:01:ED:9F:EA:BB:E2:0D
SHA1
06:B8:FB:34:3F:E5:3F:FA:C7:C8:A0:86:9E:6E:07:D3:EC:D9:40:74
X509v3 extensions
subjectKeyIdentifier
  • 3E:1A:D7:72:46:F2:76:AC:DC:05:A9:49:E9:CC:4B:89:43:5E:06:62
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
  • D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
  • Timestamp : Oct 4 09:48:45.442 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:E4:91:E2:33:49:A2:C6:D7:E3:A9:72:
  • 05:80:E0:22:BC:37:13:FF:87:16:34:C1:1B:B3:87:29:
  • B3:EB:F7:E0:F4:02:21:00:F3:A5:34:DB:DA:CF:D3:2E:
  • FD:5A:92:11:C4:04:A5:92:DE:39:12:41:92:36:2A:F8:
  • 01:BD:8A:B2:A0:BD:FF:91
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
  • 1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
  • Timestamp : Oct 4 09:48:45.518 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B8:25:EB:BD:CA:6C:45:D6:6C:87:63:
  • A0:C8:75:9F:9E:04:CF:A2:BB:D3:A6:62:A7:F4:BC:8C:
  • 34:3A:67:9A:D9:02:20:21:82:10:84:63:5E:5C:E6:C0:
  • 2B:5B:53:77:3B:19:60:3E:8C:65:7A:F5:A3:05:27:D7:
  • 35:04:8F:3B:94:68:7C

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.ttmab.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail.ttmab.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid