SSL-Tools

SSL check results of bss.com.ph

NEW You can also bulk check multiple servers.

Discover if the mail servers for bss.com.ph can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 07 Aug 2021 16:30:56 +0000

The mailservers of bss.com.ph can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @bss.com.ph addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.bss.systems
2406:da18:f47:ab29:eaf7:e084:25f8:f47f
 10
supported
mail.bss.systems
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
10 s
mail.bss.systems
54.169.203.158
 10
supported
mail.bss.systems
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
10 s
smtp.bss.systems
2406:da18:f47:ab29:f2e5:8a94:abc:474d
 20
supported
smtp.bss.systems
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
10 s
smtp.bss.systems
18.138.162.19
 20
supported
smtp.bss.systems
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
10 s

Outgoing Mails

We have received emails from these servers with @bss.com.ph sender addresses. Test mail delivery

Host TLS Version & Cipher
e232-11.smtp-out.ap-southeast-1.amazonses.com (23.251.232.11)
TLSv1.2 ECDHE-RSA-AES128-SHA256
e242-4.smtp-out.us-west-1.amazonses.com (23.251.242.4)
TLSv1.2 ECDHE-RSA-AES128-SHA256

Certificates

First seen at:

CN=mail.bss.systems

Certificate chain
Subject
Common Name (CN)
  • mail.bss.systems
Alternative Names
  • mail.bss.systems
  • www.mail.bss.systems
Issuer
Country (C)
  • GB
State (ST)
  • Greater Manchester
Locality (L)
  • Salford
Organization (O)
  • Sectigo Limited
Common Name (CN)
  • Sectigo ECC Domain Validation Secure Server CA
validity period
Not valid before
2021-08-05
Not valid after
2022-09-05
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
03:ED:7A:35:15:6E:40:41:51:19:1B:52:A7:6D:3A:EF:35:DB:A0:E3:CD:28:F1:81:37:44:D7:B8:34:BB:64:E6
SHA1
63:C1:3B:EA:04:14:B3:59:D2:5E:B5:5C:04:95:77:C8:2B:58:4A:84
X509v3 extensions
authorityKeyIdentifier
  • keyid:F6:85:0A:3B:11:86:E1:04:7D:0E:AA:0B:2C:D2:EE:CC:64:7B:7B:AE
subjectKeyIdentifier
  • 3C:35:8C:6C:83:FF:47:E9:53:EE:76:6C:2D:E7:92:CC:3A:FD:BD:30
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.7
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • CA Issuers - URI:http://crt.sectigo.com/SectigoECCDomainValidationSecureServerCA.crt
  • OCSP - URI:http://ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:
  • 11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47
  • Timestamp : Aug 5 10:25:04.030 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:A1:64:69:FC:F5:75:1D:B3:A3:38:1E:
  • 9D:55:4C:D0:02:05:89:6D:7B:AB:E0:63:26:59:B3:78:
  • 03:87:9A:2C:2E:02:21:00:89:6D:AC:DB:C0:53:18:61:
  • 84:80:FE:E5:3A:FA:E3:9D:A9:D7:25:7F:11:8E:39:69:
  • DE:83:63:F7:6E:01:16:6A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
  • 4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
  • Timestamp : Aug 5 10:25:03.985 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:5C:32:57:27:FF:97:49:F6:0A:F3:63:70:
  • F4:BA:2A:86:36:77:42:88:78:9E:05:8E:16:11:F5:8E:
  • 26:B8:76:AD:02:21:00:CF:AC:FF:C1:1F:0C:C7:F3:9C:
  • CF:B2:53:4D:5B:DC:D4:3D:49:82:07:4C:34:57:AD:FD:
  • 2E:FC:CA:0A:07:9C:BC
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
  • BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
  • Timestamp : Aug 5 10:25:03.938 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:7C:CE:23:6D:5D:63:D1:20:5B:F5:E0:0A:
  • 10:28:0D:56:F6:72:0E:87:39:60:FA:63:2D:C9:04:FE:
  • E8:03:A4:F4:02:20:65:F8:5B:08:6F:3F:3F:FC:F6:68:
  • 6F:AA:91:F7:D4:AF:2A:EE:23:09:C7:E1:9F:EB:CF:CA:
  • F3:67:44:59:B3:5F
First seen at:

CN=smtp.bss.systems

Certificate chain
Subject
Common Name (CN)
  • smtp.bss.systems
Alternative Names
  • smtp.bss.systems
  • www.smtp.bss.systems
Issuer
Country (C)
  • GB
State (ST)
  • Greater Manchester
Locality (L)
  • Salford
Organization (O)
  • Sectigo Limited
Common Name (CN)
  • Sectigo ECC Domain Validation Secure Server CA
validity period
Not valid before
2021-08-05
Not valid after
2022-09-05
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
51:6C:20:65:B6:C0:B9:2B:A2:30:47:B5:B2:55:00:92:E8:42:29:58:1F:FD:CB:1A:C4:F3:5D:A0:9F:60:B6:2F
SHA1
23:AC:79:3C:51:1A:D4:0C:8C:AF:A7:A2:3D:1E:B9:96:09:F0:F9:1D
X509v3 extensions
authorityKeyIdentifier
  • keyid:F6:85:0A:3B:11:86:E1:04:7D:0E:AA:0B:2C:D2:EE:CC:64:7B:7B:AE
subjectKeyIdentifier
  • 70:38:A9:90:29:B9:8D:25:94:D4:C4:ED:C5:3D:E7:90:12:C5:12:F9
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.7
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • CA Issuers - URI:http://crt.sectigo.com/SectigoECCDomainValidationSecureServerCA.crt
  • OCSP - URI:http://ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:
  • 11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47
  • Timestamp : Aug 5 11:31:16.734 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:85:DD:A7:04:C4:6C:57:36:4C:E4:8F:
  • 26:D1:B6:08:22:EF:D9:D2:A3:F2:E2:AD:99:2B:9D:C8:
  • F0:DC:3B:3E:B3:02:21:00:A4:EA:74:79:14:78:E4:65:
  • ED:56:60:00:94:19:EC:74:2C:B7:8E:C6:00:DD:49:F9:
  • 7C:2C:C1:47:56:B0:F7:B1
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
  • 4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
  • Timestamp : Aug 5 11:31:16.675 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:8D:FE:CB:0C:B6:1D:70:55:21:36:DA:
  • 8D:D5:90:89:D2:BF:53:23:C7:F4:D2:6E:B3:9B:C4:A2:
  • 04:87:CC:7A:44:02:21:00:BB:8F:CF:41:DC:8A:5E:D1:
  • 8E:7C:BC:E7:68:C6:F5:E5:B1:A7:4A:E1:41:81:C2:78:
  • 62:F5:7D:8E:C8:4B:18:37
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
  • BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
  • Timestamp : Aug 5 11:31:16.622 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B3:22:B9:76:D5:FB:A4:0E:EA:A4:24:
  • 5E:82:93:2D:31:75:60:7A:4B:8F:42:EB:9C:6E:3A:D2:
  • D2:E7:30:90:1A:02:20:37:59:A6:F1:82:50:45:0C:43:
  • 2C:9B:89:08:DB:EC:3B:99:48:71:30:F3:8C:44:3F:12:
  • D8:9F:AA:64:78:9C:47

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.bss.systems
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.bss.systems
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.smtp.bss.systems
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.smtp.bss.systems
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid