SSL-Tools

SSL check results of bgn-it.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for bgn-it.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 07 Nov 2025 09:04:40 +0000

The mailservers of bgn-it.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @bgn-it.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.bgn-it.de
2a01:4f8:212:aa1::3
Results incomplete
10 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
mail.bgn-it.de
136.243.42.165
 10
supported
mail.nitzler.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @bgn-it.de address so far. Test mail delivery

Certificates

First seen at:

CN=mail.nitzler.de

Certificate chain
  • mail.nitzler.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R13
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.nitzler.de
Alternative Names
  • imap.bgn-it.de
  • imap.nitzler.de
  • mail.bgn-it.de
  • mail.nitzler.de
  • smtp.bgn-it.de
  • smtp.nitzler.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R13
validity period
Not valid before
2025-10-31
Not valid after
2026-01-29
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
B7:F5:92:D3:46:48:56:42:2B:AC:DC:6E:89:5D:06:DB:28:72:6D:38:69:92:8C:D6:63:58:F1:E4:A1:9F:4D:97
SHA1
F4:96:FA:BF:34:C4:22:82:47:9C:37:7F:1C:8D:04:F6:E3:2D:4F:37
X509v3 extensions
subjectKeyIdentifier
  • 33:7D:FC:35:31:C7:6E:69:78:9F:D6:A3:BD:A7:07:4A:2B:E8:08:36
authorityKeyIdentifier
  • keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33
authorityInfoAccess
  • CA Issuers - URI:http://r13.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r13.c.lencr.org/15.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 49:9C:9B:69:DE:1D:7C:EC:FC:36:DE:CD:87:64:A6:B8:
  • 5B:AF:0A:87:80:19:D1:55:52:FB:E9:EB:29:DD:F8:C3
  • Timestamp : Oct 31 23:36:37.120 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A9:50:65:98:0D:0C:1A:3C:A5:1B:59:
  • 1B:8D:96:99:92:8E:4C:56:9F:2D:C3:CB:43:AE:7E:72:
  • BC:C4:96:F9:4C:02:20:47:5B:A0:3A:2D:20:1F:F0:BA:
  • E6:1E:8F:08:7A:03:55:52:DB:13:AB:8F:70:9E:C5:9D:
  • E2:24:ED:C2:12:FE:C7
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 19:86:D4:C7:28:AA:6F:FE:BA:03:6F:78:2A:4D:01:91:
  • AA:CE:2D:72:31:0F:AE:CE:5D:70:41:2D:25:4C:C7:D4
  • Timestamp : Oct 31 23:36:37.120 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:B3:68:70:8C:F0:B5:15:64:4C:B6:25:
  • A9:BD:2C:A3:FD:50:77:CD:66:23:54:09:1A:A7:E0:F4:
  • EA:8F:F9:FD:CD:02:21:00:AB:CB:B5:CB:DA:F7:25:C2:
  • 3A:AA:3A:17:58:F2:B7:F9:1F:EE:9B:8C:C4:0E:06:EC:
  • 36:2C:1E:0F:BA:35:22:45