wh1.providerlijst.com - TLS / STARTTLS Test

Discover if the mail servers for wh1.providerlijst.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 06 Jul 2020 10:27:14 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of wh1.providerlijst.com can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @wh1.providerlijst.com addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.providerlijst.com 2001:41d0:1004:b56:101::1	10	supported	*.providerlijst.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2020-07-06 2 s
mail.providerlijst.com 46.105.171.35	10	supported	*.providerlijst.com	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2020-07-06 2 s

Outgoing Mails

We have not received any emails from a @wh1.providerlijst.com address so far. Test mail delivery

Certificates

First seen at: 2020-07-06

CN=*.providerlijst.com

Certificate chain

*.providerlijst.com
- 2020-09-26 remaining
- 256 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

*.providerlijst.com

Alternative Names

*.providerlijst.com
providerlijst.com

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

Let's Encrypt Authority X3

validity period

Not valid before: 2020-06-28
Not valid after: 2020-09-26

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: D1:AA:62:89:85:14:FC:4D:B0:55:A5:DC:09:32:9A:70:C9:B3:F7:8C:F6:06:CF:BC:1D:6D:B0:06:3C:08:96:FF
SHA1: 37:C2:64:05:5B:A8:48:3F:62:66:59:79:09:EB:FB:63:DE:61:F3:A7

X509v3 extensions

subjectKeyIdentifier

19:EB:EA:BA:07:5D:E6:AD:28:2C:3D:A4:25:17:8C:52:4A:F9:39:B3

authorityKeyIdentifier

keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1

authorityInfoAccess

OCSP - URI:http://ocsp.int-x3.letsencrypt.org
CA Issuers - URI:http://cert.int-x3.letsencrypt.org/

certificatePolicies

Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : F0:95:A4:59:F2:00:D1:82:40:10:2D:2F:93:88:8E:AD:
4B:FE:1D:47:E3:99:E1:D0:34:A6:B0:A8:AA:8E:B2:73
Timestamp : Jun 28 13:57:26.009 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:D7:57:05:E7:BB:36:6F:2D:85:98:09:
E7:6C:55:82:5B:59:08:8B:75:D3:74:6D:45:E4:07:2B:
59:58:FE:97:F0:02:21:00:A9:77:4E:D0:35:DA:CF:70:
64:B3:01:B0:90:67:1B:A6:5C:88:49:33:6D:6F:28:5A:
EE:EA:F8:31:9D:EB:2A:FF
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 07:B7:5C:1B:E5:7D:68:FF:F1:B0:C6:1D:23:15:C7:BA:
E6:57:7C:57:94:B7:6A:EE:BC:61:3A:1A:69:D3:A2:1C
Timestamp : Jun 28 13:57:26.069 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:5A:C8:48:5E:38:97:0B:10:B0:17:8D:84:
CF:A9:94:74:70:F0:81:A9:C8:37:CC:3F:57:E9:79:69:
96:EA:E1:E2:02:21:00:AD:B8:D2:86:EA:C9:CF:8A:BE:
96:9C:B5:28:82:D2:2E:10:A5:88:B8:94:BE:00:08:94:
92:FB:D1:79:DB:AC:FF

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mail.providerlijst.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.mail.providerlijst.com	DANE-EE: Domain Issued Certificate Use subject public key SHA-512 Hash	valid	valid

SSL check results of wh1.providerlijst.com