SSL-Tools

SSL check results of cgdev.dk

NEW You can also bulk check multiple servers.

Discover if the mail servers for cgdev.dk can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 23 Apr 2024 14:22:57 +0000

The mailservers of cgdev.dk can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @cgdev.dk addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
box.cgdev.dk
2a03:b0c0:3:d0::cec:1001
Results incomplete
10 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
box.cgdev.dk
104.248.255.18
 10
supported
box.cgdev.dk
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @cgdev.dk address so far. Test mail delivery

Certificates

First seen at:

CN=box.cgdev.dk

Certificate chain
  • box.cgdev.dk
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • box.cgdev.dk
Alternative Names
  • box.cgdev.dk
  • www.cgdev.dk
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-02-17
Not valid after
2024-05-17
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
57:49:8D:D8:12:8F:63:0C:E1:30:C4:7A:EE:6D:BB:DD:DE:83:86:38:DD:DC:1D:9A:49:FB:77:2F:DC:4E:B2:C9
SHA1
9D:42:76:0C:81:B3:58:6E:F4:7A:6E:65:82:C8:97:4A:44:60:19:3C
X509v3 extensions
subjectKeyIdentifier
  • F1:49:E4:8C:BB:CA:43:62:5B:27:C3:EB:6E:2C:D5:EE:A1:DB:05:C4
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Feb 17 02:49:13.354 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B7:98:8F:DA:55:45:BF:B2:4E:3A:AE:
  • 37:F6:F0:11:CF:B5:40:69:5B:2E:41:CF:C9:28:9A:AF:
  • 35:14:5F:04:54:02:20:3C:77:A6:D5:FC:14:FF:40:B5:
  • 26:8D:74:95:AF:95:C7:A3:08:4F:F0:68:77:B6:68:3E:
  • 5B:2F:37:9C:89:B9:1F
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
  • 65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
  • Timestamp : Feb 17 02:49:13.373 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:3F:CD:14:3C:A5:4A:50:F8:A6:B7:E5:DF:
  • 10:B0:D1:C3:38:DF:C3:AD:F8:B3:5B:E0:0E:5E:C3:9C:
  • 72:F8:4A:AF:02:21:00:E9:A8:E6:02:F1:78:7A:68:55:
  • 2A:12:4D:9F:DF:F4:2B:24:33:C7:D7:65:25:7A:B7:30:
  • 34:FE:0F:1F:89:75:4B

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.box.cgdev.dk
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid