brunschede.de - TLS / STARTTLS Test

Discover if the mail servers for brunschede.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 15 Apr 2025 11:32:28 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of brunschede.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @brunschede.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.brunschede.de 2a03:4000:15:2c:e843:a8ff:fe35:9ce6	5	supported	mail.brunschede.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-04-15 5 s
mail.brunschede.de 185.170.112.222	5	supported	mail.brunschede.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-04-15 5 s

Outgoing Mails

We have not received any emails from a @brunschede.de address so far. Test mail delivery

Certificates

First seen at: 2025-04-15

CN=mail.brunschede.de

Certificate chain

mail.brunschede.de
- 2025-07-13 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

mail.brunschede.de

Alternative Names

autoconfig.brunsche.de
autoconfig.hollandstrandurlaub.com
autoconfig.nak-bonn.online
autodiscover.brunsche.de
autodiscover.hollandstrandurlaub.com
autodiscover.nak-bonn.online
mail.brunschede.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2025-04-14
Not valid after: 2025-07-13

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 58:BA:BE:53:37:0E:26:74:5C:5C:0D:40:E7:06:38:05:98:A8:EF:50:02:E1:F2:E4:87:6B:02:CB:9C:80:F9:10
SHA1: D8:D9:8F:2D:95:8E:34:6F:44:AA:27:A4:C9:BE:29:AA:A7:F8:AC:AF

X509v3 extensions

subjectKeyIdentifier

0D:69:6E:1E:67:19:1D:72:37:74:BA:26:68:A1:E4:6D:A8:0C:28:DC

authorityKeyIdentifier

keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9

authorityInfoAccess

OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://r11.c.lencr.org/70.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Apr 14 13:44:13.097 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:3A:10:53:38:0D:46:9D:D3:C4:F3:4E:1B:
97:2E:9E:36:41:A0:EA:D2:19:4F:29:C1:34:C8:9F:EB:
50:A8:BE:8D:02:20:14:5C:8B:53:5F:94:A2:24:EB:B9:
10:5D:AB:17:EC:4A:05:AE:E0:14:03:B9:86:EF:F0:03:
A1:AE:AC:E3:DB:8A
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
Timestamp : Apr 14 13:44:13.073 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:45:67:30:BC:82:29:13:86:E7:F7:8A:62:
24:E1:5C:E0:AF:BD:A8:B7:0E:68:E3:62:A2:D6:7E:EA:
C3:87:48:0D:02:21:00:9B:CA:3F:6B:EB:C9:EA:1F:23:
B2:18:21:26:86:C2:19:81:C3:80:1E:D1:DC:3C:A8:02:
50:12:C2:78:B0:D7:24

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.mail.brunschede.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid

SSL check results of brunschede.de