SSL-Tools

SSL check results of bestschool.cz

NEW You can also bulk check multiple servers.

Discover if the mail servers for bestschool.cz can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 27 Jul 2024 00:30:48 +0000

The mailservers of bestschool.cz can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @bestschool.cz addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
bestschool.cz
2a01:4f8:c17:53a9::1
 10
supported
bestschool.cz
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s
bestschool.cz
78.47.228.146
 10
supported
bestschool.cz
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @bestschool.cz address so far. Test mail delivery

Certificates

First seen at:

CN=bestschool.cz

Certificate chain
  • bestschool.cz
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • bestschool.cz
Alternative Names
  • *.bestschool.cz
  • bestschool.cz
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-07-23
Not valid after
2024-10-21
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
AB:17:D9:EE:D7:C4:F4:BD:22:34:9E:55:6A:FB:43:2F:D6:58:AF:7A:0A:BA:6E:C0:D3:C6:99:D0:0B:9B:07:9B
SHA1
32:41:E3:F7:74:39:82:2A:E0:4A:13:F8:50:4C:5D:83:5F:CC:82:C4
X509v3 extensions
subjectKeyIdentifier
  • 88:99:58:A8:DE:DD:53:1B:3D:59:22:27:67:BF:71:9C:03:7B:3A:2C
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Jul 23 07:01:20.590 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:7C:CB:9B:57:59:BE:CE:D3:CF:6F:CC:7C:
  • 09:1E:38:7E:A4:0F:C5:69:DC:6F:2F:93:BA:7F:23:2B:
  • 3B:73:6C:22:02:21:00:9C:CE:D4:21:15:1B:49:35:9C:
  • 2B:BF:F9:37:A7:6F:41:C4:68:18:0C:28:7D:B6:FB:46:
  • BF:9E:3B:27:18:B1:63
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
  • 83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
  • Timestamp : Jul 23 07:01:20.635 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:F9:E7:AA:27:33:6E:D9:20:9D:6F:B0:
  • FE:5E:CE:71:0E:D8:BD:C4:63:DE:9A:66:46:82:DC:A0:
  • 7A:D7:EC:32:DA:02:21:00:A7:03:17:D5:02:2F:71:0D:
  • 8A:96:16:8E:09:1F:A2:4D:EE:7E:6F:95:C4:89:BB:D5:
  • 96:49:69:A2:96:08:2F:19