a54c.fr - TLS / STARTTLS Test

Discover if the mail servers for a54c.fr can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 09 Jan 2025 01:32:25 +0000

Certificates

Trustworthy
Protocol

Problems found
DANE

Problems found

We can not guarantee a secure connection to the mailservers of a54c.fr!

Please contact the operator of a54c.fr and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/a54c.fr

Servers

Incoming Mails

These servers are responsible for incoming mails to @a54c.fr addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
webmail.reptigo.fr 2a13:1c46:cafe::15	10	supported	webmail.reptigo.fr	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-01-09 6 s
webmail.reptigo.fr 45.152.69.15 Results incomplete	10	unsupported	not checked	DANE errors PFS not checked Heartbleed not checked Weak ciphers not checked		2025-01-09 11 s

Outgoing Mails

We have not received any emails from a @a54c.fr address so far. Test mail delivery

Certificates

First seen at: 2025-01-09

CN=webmail.reptigo.fr

Certificate chain

webmail.reptigo.fr
- 2025-04-08 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

webmail.reptigo.fr

Alternative Names

autoconfig.a54c.fr
autoconfig.mon-syndic.immo
autoconfig.touschdubois.fr
autodiscover.a54c.fr
autodiscover.mon-syndic.immo
autodiscover.touschdubois.fr
webmail.reptigo.fr

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-01-08
Not valid after: 2025-04-08

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: AC:55:85:6C:DA:87:65:75:D6:66:A2:B0:FD:A9:4D:0E:6E:9D:1C:23:3B:DE:CB:61:D1:FE:2E:1B:2B:2B:65:6D
SHA1: B0:D4:86:EC:0B:62:04:BA:B3:D9:9A:AA:A5:B3:62:96:97:93:65:54

X509v3 extensions

subjectKeyIdentifier

25:1E:F6:54:62:CF:5C:62:93:1F:FA:89:79:F0:D2:92:F9:7F:93:74

authorityKeyIdentifier

keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8

authorityInfoAccess

OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Jan 8 12:59:41.222 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:F4:4C:D7:91:F8:90:65:13:29:9F:67:
49:88:B0:95:2C:35:BD:5B:B5:04:D5:6E:13:1D:E0:80:
8E:59:D8:1B:B3:02:21:00:EA:5E:0E:20:BE:14:5B:CC:
84:D7:DD:78:80:3E:6C:8A:B0:55:E0:DF:E4:E9:61:BD:
0A:BD:22:BA:EE:FE:23:3B
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
Timestamp : Jan 8 12:59:41.499 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:3D:A9:E1:55:BE:A5:CC:A2:41:45:DB:6D:
3F:AB:8D:31:E2:D7:06:65:40:22:65:73:9C:6B:18:BB:
F5:FC:6F:EE:02:20:57:28:97:57:90:23:27:52:C1:AD:
61:39:4E:FD:E2:F8:4E:03:E0:5B:53:6D:42:DD:0D:C6:
0E:C8:4B:B3:2B:FF

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.webmail.reptigo.fr	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	error Debug	—

SSL check results of a54c.fr