SSL-Tools

SSL check results of aerim.es

NEW You can also bulk check multiple servers.

Discover if the mail servers for aerim.es can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 01 Nov 2020 16:38:35 +0000

The mailservers of aerim.es can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @aerim.es addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.aerim.es
5.196.246.235
 1
supported
mail.aerim.es
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have received emails from these servers with @aerim.es sender addresses. Test mail delivery

Host TLS Version & Cipher
mail.aerim.es (5.196.246.235)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=mail.aerim.es

Certificate chain
Subject
Common Name (CN)
  • mail.aerim.es
Alternative Names
  • mail.aerim.es
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2020-10-18
Not valid after
2021-01-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
F3:50:23:23:7C:1C:2C:A3:CB:08:9D:21:4F:44:11:CF:3F:98:2A:97:76:99:91:8B:80:5F:98:0A:32:A6:68:73
SHA1
D7:E8:04:2E:3B:39:A7:C7:0C:18:3A:B7:F6:02:A3:1F:F4:A5:BF:A4
X509v3 extensions
subjectKeyIdentifier
  • 26:8F:DA:8D:E1:E2:E6:84:76:FA:D1:CF:FA:F2:DD:0B:FE:A5:C3:2E
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 94:20:BC:1E:8E:D5:8D:6C:88:73:1F:82:8B:22:2C:0D:
  • D1:DA:4D:5E:6C:4F:94:3D:61:DB:4E:2F:58:4D:A2:C2
  • Timestamp : Oct 18 12:18:04.328 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:52:57:D8:B6:5B:8B:71:51:98:45:C8:68:
  • E9:83:BC:07:13:70:82:2E:7E:02:96:36:8B:6D:8F:D4:
  • 52:05:8E:27:02:20:48:5C:70:7A:B7:E4:B0:25:61:C3:
  • 6F:52:72:99:E5:08:2E:0B:CA:B2:A2:10:CF:40:4C:EA:
  • F7:6F:A3:2C:F6:4F
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Oct 18 12:18:04.322 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:76:3B:39:B9:94:14:2C:00:36:3F:28:01:
  • 1F:81:46:CC:67:69:BB:73:96:F1:4B:4D:76:24:37:D9:
  • E6:39:71:F2:02:21:00:BA:65:A7:AA:8A:56:E2:9C:42:
  • 48:BB:C5:7C:FE:76:45:05:59:00:6A:2A:F8:DD:25:5E:
  • 1A:E5:90:10:2F:B4:60

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.aerim.es
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid