SSL-Tools

SSL check results of bpsa.cz

NEW You can also bulk check multiple servers.

Discover if the mail servers for bpsa.cz can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 06 May 2026 22:32:28 +0000

We can not guarantee a secure connection to the mailservers of bpsa.cz!

Please contact the operator of bpsa.cz and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/bpsa.cz

Servers

Incoming Mails

These servers are responsible for incoming mails to @bpsa.cz addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
gw5.kodada.cz
185.91.171.212
 10
supported
postovni-server.cz
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
12 s
hosting1.adminlan.cz
78.44.192.254
Results incomplete
50
supported
not checked
DANE
missing
PFS
unsupported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @bpsa.cz address so far. Test mail delivery

Certificates

First seen at:

CN=postovni-server.cz

Certificate chain
  • postovni-server.cz
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
    • Hostname Mismatch
      • R13
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • postovni-server.cz
Alternative Names
  • postovni-server.cz
  • www.postovni-server.cz
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R13
validity period
Not valid before
2026-04-29
Not valid after
2026-07-28
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
4D:B2:A8:9A:4D:6F:FE:46:B2:3F:AD:0A:7D:34:E5:64:4D:0F:98:DA:21:B4:BD:02:49:34:61:BC:36:24:43:23
SHA1
C5:5A:5B:43:59:2E:A4:9B:DC:71:D7:82:AA:5E:22:FC:FD:73:E9:A4
X509v3 extensions
subjectKeyIdentifier
  • 54:6E:E8:84:A1:F8:F8:65:12:4C:DF:7C:38:B6:DF:D2:CB:F3:1A:AA
authorityKeyIdentifier
  • keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33
authorityInfoAccess
  • CA Issuers - URI:http://r13.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r13.c.lencr.org/82.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 94:4E:43:87:FA:EC:C1:EF:81:F3:19:24:26:A8:18:65:
  • 01:C7:D3:5F:38:02:01:3F:72:67:7D:55:37:2E:19:D8
  • Timestamp : Apr 29 01:06:37.163 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B0:E7:E7:4C:93:18:9A:ED:CD:92:83:
  • 75:9F:5F:4C:60:38:48:9D:B1:AB:7E:66:58:36:AD:8C:
  • 9D:11:6C:EF:82:02:20:59:21:1C:95:B5:3E:10:24:6A:
  • D3:96:F9:16:A4:47:5A:5B:83:D9:C2:4B:C6:E3:B9:4E:
  • AF:FB:75:B7:54:52:0A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:AF:86:3D:3B:3E:E5:9F:A5:77:DE:A8:24:5D:36:B0:
  • D9:ED:22:A2:23:F4:61:77:41:22:94:52:EE:95:50:5F
  • Timestamp : Apr 29 01:06:37.330 2026 GMT
  • Extensions: 00:00:05:00:05:2B:00:BB
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:58:17:DA:FB:DC:05:BC:D5:B8:58:FB:9B:
  • 71:FE:E5:CA:C8:CF:3E:FC:C0:F5:37:07:1C:79:69:55:
  • A6:2F:97:D5:02:21:00:B4:4B:C5:DE:A3:24:7B:4C:0A:
  • 38:17:04:26:F7:CE:22:40:EA:4D:FD:CF:72:5D:10:BA:
  • 96:39:E2:3C:68:3A:7D