SSL-Tools

SSL check results of alve.cz

NEW You can also bulk check multiple servers.

Discover if the mail servers for alve.cz can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 15 Aug 2022 10:08:35 +0000

We can not guarantee a secure connection to the mailservers of alve.cz!

Please contact the operator of alve.cz and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/alve.cz

Servers

Incoming Mails

These servers are responsible for incoming mails to @alve.cz addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
remote.alve.cz
185.188.103.150
 10
supported
remote.alve.cz
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
remote2.alve.cz
89.203.255.88
Results incomplete
15 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
mx2.active24.com
81.0.238.28
Results incomplete
20
supported
*.active24.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @alve.cz address so far. Test mail delivery

Certificates

First seen at:

CN=remote.alve.cz,OU=Alve,O=Alve s.r.o.,L=Verovice,ST=CZ,C=CZ

Certificate chain
  • remote.alve.cz
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
    • Expired
    • Unknown Authority
      alve-ALVE02-CA
Subject
Country (C)
  • CZ
State (ST)
  • CZ
Locality (L)
  • Verovice
Organization (O)
  • Alve s.r.o.
Organizational Unit (OU)
  • Alve
Common Name (CN)
  • remote.alve.cz
Alternative Names
  • remote.alve.cz
  • alve03.alve.local
  • AutoDiscover.alve.local
  • AutoDiscover.alve.cz
  • AutoDiscover.alverosal.ro
  • AutoDiscover.alve.ro
  • AutoDiscover.alve.sk
  • AutoDiscover.alverosal.hu
  • alve.local
  • alve.cz
  • alverosal.ro
  • alve.ro
  • alve.sk
  • alverosal.hu
  • alve11.alve.local
  • ALVE03
  • ALVE11
Issuer
Domain Component (DC)
  • local
  • alve
Common Name (CN)
  • alve-ALVE02-CA
validity period
Not valid before
2020-08-13
Not valid after
2022-08-13
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
31:AD:DB:AE:A2:F7:78:2E:35:B0:BB:5D:38:00:88:BD:E6:4F:D7:D1:BD:C6:4B:EA:2D:F9:14:42:7E:29:25:BE
SHA1
CB:1D:25:72:2D:97:AC:1B:21:06:A0:D6:9C:CA:03:B6:32:C3:24:A8
X509v3 extensions
subjectKeyIdentifier
  • A7:87:B1:49:28:14:6C:DD:93:AA:AF:88:44:11:A0:A4:C6:6C:BB:30
authorityKeyIdentifier
  • keyid:00:18:32:F2:6F:9F:90:A0:3D:4E:D3:0F:7E:A3:C9:4F:4B:8E:96:27
crlDistributionPoints
  • Full Name:
  • URI:ldap:///CN=alve-ALVE02-CA,CN=Alve02,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=alve,DC=local?certificateRevocationList?base?objectClass=cRLDistributionPoint
authorityInfoAccess
  • CA Issuers - URI:ldap:///CN=alve-ALVE02-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=alve,DC=local?cACertificate?base?objectClass=certificationAuthority
1_3_6_1_4_1_311_20_2
  • ...W.e.b.S.e.r.v.e.r
First seen at:

CN=*.active24.com

Certificate chain
Subject
Common Name (CN)
  • *.active24.com
Alternative Names
  • *.active24.com
  • active24.com
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Common Name (CN)
  • RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
validity period
Not valid before
2021-12-14
Not valid after
2022-12-14
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
45:45:69:EA:52:A7:0E:4B:B6:D3:A6:74:19:10:9D:9C:44:A2:04:62:90:88:29:D6:E8:22:EE:E2:50:4C:A6:AA
SHA1
C2:65:2E:F1:A3:24:B3:21:F7:46:99:EF:AD:3E:9F:76:C9:B0:E0:9F
X509v3 extensions
authorityKeyIdentifier
  • keyid:A4:8D:E5:BE:7C:79:E4:70:23:6D:2E:29:34:AD:23:58:DC:F5:31:7F
subjectKeyIdentifier
  • 39:4D:A3:F9:BE:44:DC:FA:40:79:D0:46:A9:C8:62:99:28:83:07:8A
crlDistributionPoints
  • Full Name:
  • URI:http://crl3.digicert.com/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crl
  • Full Name:
  • URI:http://crl4.digicert.com/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crl
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • CPS: http://www.digicert.com/CPS
authorityInfoAccess
  • OCSP - URI:http://ocsp.digicert.com
  • CA Issuers - URI:http://cacerts.digicert.com/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:
  • 11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47
  • Timestamp : Dec 14 10:52:55.884 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:49:CD:25:04:17:6B:2B:3C:AE:FE:69:84:
  • CF:E3:C7:DD:0A:D5:B2:B7:95:CF:98:A9:B7:D4:D4:D6:
  • 5E:F3:9A:3B:02:21:00:DA:61:BB:BE:64:01:DF:8E:72:
  • 0D:BE:EC:B1:84:04:3A:A4:4F:0B:11:C8:52:B3:7C:3F:
  • E8:A8:46:6F:33:C4:CF
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 51:A3:B0:F5:FD:01:79:9C:56:6D:B8:37:78:8F:0C:A4:
  • 7A:CC:1B:27:CB:F7:9E:88:42:9A:0D:FE:D4:8B:05:E5
  • Timestamp : Dec 14 10:52:55.907 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:70:F9:DE:50:17:57:77:05:1E:C0:21:F1:
  • E1:17:3F:83:52:A6:06:73:C6:4A:15:8D:56:70:F2:63:
  • 45:3F:DB:FA:02:20:66:C5:2B:E6:B2:54:CC:E8:AD:13:
  • A5:C4:5C:61:F7:BE:9F:3C:3D:4D:B3:DD:DB:B0:44:87:
  • A3:B6:94:44:A6:C7
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
  • 4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
  • Timestamp : Dec 14 10:52:55.871 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:16:B1:D9:7B:5B:57:82:F2:C1:C4:C3:DF:
  • CA:27:F9:EF:AB:38:92:CE:FD:EC:D4:1D:7E:C7:7F:8A:
  • 02:66:3B:5F:02:21:00:F4:D7:9A:00:3C:EF:09:89:BD:
  • 75:FE:D2:68:8B:68:06:35:DA:0B:F4:28:B8:E3:A0:19:
  • 73:86:4B:5D:8A:73:11

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx2.active24.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid