SSL-Tools

SSL check results of berenberg.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for berenberg.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 05 Dec 2022 13:32:05 +0000

The mailservers of berenberg.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @berenberg.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail3.berenbergbank.de
62.96.241.68
 10
supported
mail3.berenbergbank.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
12 s
mail4.berenbergbank.de
62.96.241.69
 10
supported
mail4.berenbergbank.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
12 s

Outgoing Mails

We have received emails from these servers with @berenberg.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mail3.berenbergbank.de (62.96.241.68)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=mail3.berenbergbank.de,O=Joh. Berenberg\, Gossler & Co. KG,ST=Hamburg,C=DE

Certificate chain
Subject
Country (C)
  • DE
State (ST)
  • Hamburg
Organization (O)
  • Joh. Berenberg, Gossler & Co. KG
Common Name (CN)
  • mail3.berenbergbank.de
Alternative Names
  • mail3.berenbergbank.de
  • www.mail3.berenbergbank.de
Issuer
Country (C)
  • GB
State (ST)
  • Greater Manchester
Locality (L)
  • Salford
Organization (O)
  • Sectigo Limited
Common Name (CN)
  • Sectigo RSA Organization Validation Secure Server CA
validity period
Not valid before
2022-06-22
Not valid after
2023-07-23
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
6A:C6:23:E5:17:28:E8:B1:D6:E6:CE:DC:2B:CB:64:EC:C9:2A:1C:82:01:FC:68:67:D1:92:6A:39:DB:2B:CF:70
SHA1
4C:6F:06:7B:A6:F0:25:40:04:1E:A6:B1:22:E9:32:B8:E5:EC:C2:BE
X509v3 extensions
authorityKeyIdentifier
  • keyid:17:D9:D6:25:27:67:F9:31:C2:49:43:D9:30:36:44:8C:6C:A9:4F:EB
subjectKeyIdentifier
  • 64:97:13:91:AE:71:BD:A1:79:CC:34:67:4F:37:22:69:0F:F9:D1:D7
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.2
crlDistributionPoints
  • Full Name:
  • URI:http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
authorityInfoAccess
  • CA Issuers - URI:http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
  • OCSP - URI:http://ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
  • B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
  • Timestamp : Jun 22 08:19:27.884 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:8C:A3:D2:6B:C8:47:2B:7F:E4:95:51:
  • 41:75:FB:40:B1:54:BD:CE:52:F9:DD:06:5D:ED:57:56:
  • E9:34:C3:0F:27:02:21:00:D6:5F:9B:11:EA:EA:83:65:
  • C5:0D:C2:D4:3C:9F:F0:36:1D:DE:53:DD:A4:B0:34:D4:
  • B3:ED:DD:44:8A:7F:D0:C9
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
  • 16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
  • Timestamp : Jun 22 08:19:27.834 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:DE:A2:93:40:14:2E:01:6A:7B:CF:B1:
  • 21:39:D2:09:4E:BF:7E:5F:AC:10:BD:6A:D9:63:93:6A:
  • 73:ED:60:28:CA:02:20:1A:50:48:0E:23:A9:D7:D0:B3:
  • 29:A3:D2:32:61:F5:6E:DC:29:86:F9:18:B4:1C:35:00:
  • C8:B0:58:1B:FE:84:43
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
  • 03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
  • Timestamp : Jun 22 08:19:27.813 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:FE:BA:C6:DC:D5:B5:5B:48:79:0E:95:
  • 48:EF:47:D9:81:36:6B:23:CE:AC:98:46:BA:BB:6F:26:
  • B5:1E:EB:64:D1:02:21:00:B0:9D:35:A8:4D:D4:A5:23:
  • 83:27:0D:8C:2C:A3:55:9E:40:24:85:66:87:14:5A:B6:
  • 23:18:82:41:90:D1:A2:E2
First seen at:

CN=mail4.berenbergbank.de,O=Joh. Berenberg\, Gossler & Co. KG,ST=Hamburg,C=DE

Certificate chain
Subject
Country (C)
  • DE
State (ST)
  • Hamburg
Organization (O)
  • Joh. Berenberg, Gossler & Co. KG
Common Name (CN)
  • mail4.berenbergbank.de
Alternative Names
  • mail4.berenbergbank.de
  • www.mail4.berenbergbank.de
Issuer
Country (C)
  • GB
State (ST)
  • Greater Manchester
Locality (L)
  • Salford
Organization (O)
  • Sectigo Limited
Common Name (CN)
  • Sectigo RSA Organization Validation Secure Server CA
validity period
Not valid before
2022-06-22
Not valid after
2023-07-23
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
04:91:25:57:0F:58:A3:75:71:30:30:35:4E:AF:3D:60:6F:AC:58:7C:85:53:7E:18:09:F5:16:B6:71:D8:39:BF
SHA1
79:8F:8F:0D:C1:6C:FA:84:A0:26:7F:04:C4:9E:04:E9:D3:9A:64:6A
X509v3 extensions
authorityKeyIdentifier
  • keyid:17:D9:D6:25:27:67:F9:31:C2:49:43:D9:30:36:44:8C:6C:A9:4F:EB
subjectKeyIdentifier
  • 60:75:60:53:8E:D9:A4:A5:9F:BE:E9:58:59:75:16:55:20:00:31:29
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.2
crlDistributionPoints
  • Full Name:
  • URI:http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
authorityInfoAccess
  • CA Issuers - URI:http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
  • OCSP - URI:http://ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
  • B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
  • Timestamp : Jun 22 08:21:48.507 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:8F:F4:ED:D1:6B:F7:87:9D:2E:F8:9D:
  • D8:BF:1F:5A:7F:73:1F:1E:90:06:A2:B4:14:F6:5C:D3:
  • 5B:56:FE:A2:5B:02:21:00:A2:19:94:49:69:4E:94:6D:
  • 99:C5:30:A3:00:69:A9:C1:6D:E0:45:F9:DB:C5:63:FE:
  • 52:58:56:0C:38:4D:7E:01
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
  • 16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
  • Timestamp : Jun 22 08:21:48.460 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:0D:F8:3B:AC:73:6D:F9:82:A7:C5:FE:F3:
  • EE:4D:1D:9F:51:0B:91:49:AE:AA:69:2D:9C:6D:92:4C:
  • 03:E3:9A:DC:02:21:00:E7:76:7A:92:4E:52:14:02:3F:
  • B4:0E:FB:DE:05:5E:D0:6A:76:24:F5:47:FF:16:6F:8E:
  • F1:A1:81:A4:FA:F8:31
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
  • 03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
  • Timestamp : Jun 22 08:21:48.432 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:31:3B:CB:F5:DC:0A:9A:A6:94:41:8D:D2:
  • 2D:EB:8D:07:CE:6D:7E:68:75:CF:FA:53:DA:B6:63:7B:
  • 07:2B:5F:95:02:20:4C:B4:A0:EA:2D:91:BF:3F:2F:30:
  • A9:1A:CE:48:D5:C3:6B:B0:89:04:ED:DB:A7:C7:8E:78:
  • 9F:4A:7C:EA:A2:30