bkastl.de - TLS / STARTTLS Test

Discover if the mail servers for bkastl.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 16 Sep 2021 12:38:26 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of bkastl.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @bkastl.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
spitaler.uberspace.de 2a00:d0c0:200::b9:1a:9c:80	0	supported	*.uberspace.de	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2021-09-16 36 s
spitaler.uberspace.de 185.26.156.174	0	supported	*.uberspace.de	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2021-09-16 36 s

Outgoing Mails

We have not received any emails from a @bkastl.de address so far. Test mail delivery

Certificates

First seen at: 2021-03-14

CN=*.uberspace.de

Certificate chain

*.uberspace.de
- 2022-03-29 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

*.uberspace.de

Alternative Names

*.uberspace.de
uberspace.de

Issuer

Country (C)

Organization (O)

GlobalSign nv-sa

Common Name (CN)

AlphaSSL CA - SHA256 - G2

validity period

Not valid before: 2021-02-25
Not valid after: 2022-03-29

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 91:D4:AF:DA:8A:12:C6:45:98:F5:93:4B:85:04:43:40:29:F1:31:7E:FA:AB:F0:8F:DD:81:3C:4E:EB:36:E6:52
SHA1: 25:51:8B:6A:45:14:F2:AE:B1:8C:EA:0A:4C:E8:5B:69:56:C7:E1:2E

X509v3 extensions

authorityInfoAccess

CA Issuers - URI:http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt
OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2

certificatePolicies

Policy: 1.3.6.1.4.1.4146.1.10.10
CPS: https://www.globalsign.com/repository/
Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://crl2.alphassl.com/gs/gsalphasha2g2.crl

authorityKeyIdentifier

keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7

subjectKeyIdentifier

61:CB:67:FA:2F:48:35:D2:7F:07:07:B1:0E:8D:01:D3:1D:DE:99:04

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
Timestamp : Feb 25 12:36:37.040 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:01:BA:18:2D:B0:46:AA:D1:4D:34:76:C1:
00:4F:F9:84:74:68:A7:75:96:20:B3:07:3D:4D:EC:DE:
83:00:71:1F:02:21:00:F1:2A:56:23:6A:17:D7:FF:B3:
2D:81:1A:EA:17:23:B2:A7:5F:B6:31:73:5B:8B:26:A5:
59:75:D5:E5:9F:3D:C8
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
Timestamp : Feb 25 12:36:37.388 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:84:F2:8A:11:FD:02:A7:41:C0:94:F4:
4B:A3:12:EB:8C:2E:ED:33:5D:0C:41:70:AF:47:3F:D5:
BB:2F:44:8F:03:02:21:00:CD:A2:09:BD:29:DA:A3:50:
85:BC:34:EF:3B:93:5C:6B:C9:7C:A8:8C:19:1B:DE:BE:
7A:F8:E2:F0:9E:CA:39:6E
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 51:A3:B0:F5:FD:01:79:9C:56:6D:B8:37:78:8F:0C:A4:
7A:CC:1B:27:CB:F7:9E:88:42:9A:0D:FE:D4:8B:05:E5
Timestamp : Feb 25 12:36:37.342 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:B0:6A:AA:7C:13:E8:E3:50:76:3F:AD:
09:E8:57:07:11:85:E5:F3:0D:FA:A8:42:42:E6:05:9B:
53:8F:9D:97:95:02:21:00:A0:80:4D:11:23:9F:A9:25:
EC:F3:BB:B8:A4:BF:C3:A2:F2:0B:27:8A:CB:47:40:D8:
FE:F4:CC:41:E7:27:B4:B1

SSL check results of bkastl.de