SSL check results of welizia.ch

NEW You can also bulk check multiple servers.

Discover if the mail servers for welizia.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sun, 19 Nov 2023 14:37:25 +0000

We can not guarantee a secure connection to the mailservers of welizia.ch!

Please contact the operator of welizia.ch and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/welizia.ch

Servers

Incoming Mails

These servers are responsible for incoming mails to @welizia.ch addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.welizia.ch
2a02:169:121a::1448
Results incomplete
0 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
mail.welizia.ch
80.253.94.247
0
supported
mail.welizia.ch
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
10 s

Outgoing Mails

We have not received any emails from a @welizia.ch address so far. Test mail delivery

Certificates

First seen at:

CN=mail.welizia.ch,OU=mailcow,O=mailcow,L=Willich,ST=NRW,C=DE

Certificate chain
  • mail.welizia.ch (Certificate is self-signed.)
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
    • Unknown Authority

Subject
Country (C)
  • DE
State (ST)
  • NRW
Locality (L)
  • Willich
Organization (O)
  • mailcow
Organizational Unit (OU)
  • mailcow
Common Name (CN)
  • mail.welizia.ch
Issuer

Certificate is self-signed.

validity period
Not valid before
2023-11-10
Not valid after
2024-11-09
Fingerprints
SHA256
D9:0A:F2:2C:F9:B7:A1:C8:76:6F:05:54:8A:33:E4:B8:A7:6C:8F:F3:CD:52:88:BA:F4:30:91:92:87:D5:FB:13
SHA1
A7:6F:E2:A0:08:89:4C:0E:74:99:7E:F2:E9:B3:59:5E:E9:BA:04:A5
X509v3 extensions
subjectKeyIdentifier
  • 1A:F5:30:A0:6B:15:0C:91:D2:54:B2:AF:C7:43:65:F5:34:E3:2A:4E
authorityKeyIdentifier
  • keyid:1A:F5:30:A0:6B:15:0C:91:D2:54:B2:AF:C7:43:65:F5:34:E3:2A:4E

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.welizia.ch
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid