SSL-Tools

SSL check results of bon-rivage.ch

NEW You can also bulk check multiple servers.

Discover if the mail servers for bon-rivage.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 28 May 2023 20:36:47 +0000

We can not guarantee a secure connection to the mailservers of bon-rivage.ch!

Please contact the operator of bon-rivage.ch and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/bon-rivage.ch

Servers

Incoming Mails

These servers are responsible for incoming mails to @bon-rivage.ch addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
smtp.mailcleaner.net
195.176.194.32
 0
supported
*.mailcleaner.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
smtp.mailcleaner.net
195.176.194.121
 0
supported
*.mailcleaner.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
smtp.mailcleaner.net
193.246.63.102
 0
supported
*.mailcleaner.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
smtp2.mailcleaner.net
2001:918:ffd1::2000:0:2000:99
 0
supported
*.mailcleaner.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
smtp2.mailcleaner.net
193.246.63.99
 0
supported
*.mailcleaner.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
smtp2.mailcleaner.net
195.176.194.13
Results incomplete
0 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s

Outgoing Mails

We have not received any emails from a @bon-rivage.ch address so far. Test mail delivery

Certificates

First seen at:

CN=*.mailcleaner.net

Certificate chain
Subject
Common Name (CN)
  • *.mailcleaner.net
Alternative Names
  • *.mailcleaner.net
  • mailcleaner.net
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • RapidSSL TLS RSA CA G1
validity period
Not valid before
2023-05-17
Not valid after
2024-05-28
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
ED:96:3A:73:81:EE:E6:E4:B1:C1:2C:B9:30:FE:38:1F:FF:28:4E:9F:90:67:0A:D7:8C:00:B5:91:B1:BC:7C:5B
SHA1
B9:E9:27:AA:BB:14:77:3F:2A:97:A7:7B:8E:6A:E3:50:FA:15:E8:79
X509v3 extensions
authorityKeyIdentifier
  • keyid:0C:DB:6C:82:49:0F:4A:67:0A:B8:14:EE:7A:C4:48:52:88:EB:56:38
subjectKeyIdentifier
  • CF:82:AA:71:8E:A2:48:E3:74:26:C5:0A:1E:12:B0:AE:C5:D2:3D:24
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • CPS: http://www.digicert.com/CPS
authorityInfoAccess
  • OCSP - URI:http://status.rapidssl.com
  • CA Issuers - URI:http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : May 17 15:41:00.131 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:70:CE:7E:60:65:18:B5:2A:20:43:74:16:
  • 78:B9:18:0B:D4:BB:36:45:31:14:E3:3D:34:3E:DC:E4:
  • 75:EF:7D:AC:02:20:01:C8:8C:12:CF:DF:48:EC:F5:C4:
  • 48:4D:3A:57:B2:C7:64:5C:2A:FB:03:1E:32:E4:5C:56:
  • 75:EA:92:AD:A5:E9
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : May 17 15:41:00.172 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:F2:EA:39:21:BB:DC:08:55:4D:DA:07:
  • 3C:EA:77:9B:8C:F3:7F:47:AD:80:A8:C8:4D:F0:4F:19:
  • 9B:7B:4C:C7:F2:02:21:00:CF:E1:36:BC:C3:D2:E2:DA:
  • D4:84:12:98:BD:24:73:7B:AF:F7:29:E5:8D:F5:AF:90:
  • 22:4A:AD:6E:74:0A:EE:5A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
  • 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
  • Timestamp : May 17 15:41:00.119 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B3:D8:2B:5B:F6:DA:FA:BD:48:B6:F4:
  • 35:78:75:7D:F4:92:14:28:AD:23:4C:AC:60:3C:39:FB:
  • A4:84:94:F5:6E:02:20:18:37:78:9A:F1:9A:34:6C:58:
  • 3E:FE:E6:A2:2B:11:90:DD:83:3E:0B:79:58:50:04:B5:
  • A3:C2:16:1F:2E:5F:CE