SSL check results of brunschede.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for brunschede.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Tue, 15 Apr 2025 11:32:28 +0000

The mailservers of brunschede.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @brunschede.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.brunschede.de
2a03:4000:15:2c:e843:a8ff:fe35:9ce6
5
supported
mail.brunschede.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s
mail.brunschede.de
185.170.112.222
5
supported
mail.brunschede.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s

Outgoing Mails

We have not received any emails from a @brunschede.de address so far. Test mail delivery

Certificates

First seen at:

CN=mail.brunschede.de

Certificate chain
  • mail.brunschede.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption

      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption

Subject
Common Name (CN)
  • mail.brunschede.de
Alternative Names
  • autoconfig.brunsche.de
  • autoconfig.hollandstrandurlaub.com
  • autoconfig.nak-bonn.online
  • autodiscover.brunsche.de
  • autodiscover.hollandstrandurlaub.com
  • autodiscover.nak-bonn.online
  • mail.brunschede.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-04-14
Not valid after
2025-07-13
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
58:BA:BE:53:37:0E:26:74:5C:5C:0D:40:E7:06:38:05:98:A8:EF:50:02:E1:F2:E4:87:6B:02:CB:9C:80:F9:10
SHA1
D8:D9:8F:2D:95:8E:34:6F:44:AA:27:A4:C9:BE:29:AA:A7:F8:AC:AF
X509v3 extensions
subjectKeyIdentifier
  • 0D:69:6E:1E:67:19:1D:72:37:74:BA:26:68:A1:E4:6D:A8:0C:28:DC
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r11.c.lencr.org/70.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Apr 14 13:44:13.097 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:3A:10:53:38:0D:46:9D:D3:C4:F3:4E:1B:
  • 97:2E:9E:36:41:A0:EA:D2:19:4F:29:C1:34:C8:9F:EB:
  • 50:A8:BE:8D:02:20:14:5C:8B:53:5F:94:A2:24:EB:B9:
  • 10:5D:AB:17:EC:4A:05:AE:E0:14:03:B9:86:EF:F0:03:
  • A1:AE:AC:E3:DB:8A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
  • 26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
  • Timestamp : Apr 14 13:44:13.073 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:45:67:30:BC:82:29:13:86:E7:F7:8A:62:
  • 24:E1:5C:E0:AF:BD:A8:B7:0E:68:E3:62:A2:D6:7E:EA:
  • C3:87:48:0D:02:21:00:9B:CA:3F:6B:EB:C9:EA:1F:23:
  • B2:18:21:26:86:C2:19:81:C3:80:1E:D1:DC:3C:A8:02:
  • 50:12:C2:78:B0:D7:24

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.brunschede.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid