cotse.net - TLS / STARTTLS Test

Discover if the mail servers for cotse.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 04 Jun 2020 00:03:58 +0000

Certificates

Problems found
Protocol

Problems found
DANE

Missing

The mailservers of cotse.net can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @cotse.net addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.cotse.net 66.203.85.58	10	supported	mail.cotse.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers supported SSL_RSA_WITH_RC4_128_SHA	TLSv1.2 TLSv1.1 TLSv1.0 SSLv3	2020-06-04 16 s

Outgoing Mails

We have not received any emails from a @cotse.net address so far. Test mail delivery

Certificates

First seen at: 2020-06-04

CN=mail.cotse.net,OU=PositiveSSL Multi-Domain,OU=Domain Control Validated

Certificate chain

mail.cotse.net
- 2021-04-17 remaining
- 2048 bit
- sha256WithRSAEncryption
- Unknown Authority

Subject

Organizational Unit (OU)

Domain Control Validated
PositiveSSL Multi-Domain

Common Name (CN)

mail.cotse.net

Alternative Names

mail.cotse.net
mail.identicloak.com
mail.packetderm.com

Issuer

Country (C)

State (ST)

Greater Manchester

Locality (L)

Salford

Organization (O)

Sectigo Limited

Common Name (CN)

Sectigo RSA Domain Validation Secure Server CA

validity period

Not valid before: 2019-01-18
Not valid after: 2021-04-17

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: FB:1A:F0:BC:A9:EC:0C:05:06:D0:E1:BE:19:D1:53:E9:AE:E8:F7:0F:11:4D:15:21:18:C5:64:A1:52:6F:7A:58
SHA1: 32:75:7C:33:78:52:E0:FE:FE:67:8F:B3:E5:88:63:7B:3A:40:C8:FB

X509v3 extensions

authorityKeyIdentifier

keyid:8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1

subjectKeyIdentifier

60:3A:3F:62:5D:3B:AC:4A:37:E3:14:9B:69:B2:AE:F9:C1:A8:BC:F3

certificatePolicies

Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1

authorityInfoAccess

CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sectigo.com

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
Timestamp : Jan 18 19:03:44.939 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:B2:A5:95:4B:94:C1:D8:C1:B3:32:B7:
FA:C6:EF:72:58:C4:87:4B:EF:FF:91:5D:38:8D:5F:CC:
69:B3:C4:FB:86:02:20:4D:35:A1:94:C8:DD:6D:28:91:
22:A0:74:68:7D:69:D9:13:DB:DC:3B:9F:FC:D0:F9:E2:
C4:2C:5E:3E:19:D7:14
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
Timestamp : Jan 18 19:03:45.014 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:AD:D3:67:2B:2A:50:65:EB:3C:CB:54:
E1:2B:7D:7D:BE:DB:DD:2B:67:65:22:72:7F:AA:9E:28:
6C:40:0C:AC:90:02:20:6D:A5:4E:AC:AF:ED:40:DA:C0:
79:11:70:48:48:F5:3B:26:2A:F4:B0:D0:B5:B9:2D:A9:
4F:91:FF:B7:FF:F2:CB
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
Timestamp : Jan 18 19:03:45.026 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:82:3B:63:6B:97:56:43:3E:46:95:9A:
0C:DF:7C:6F:94:CC:FB:61:A2:38:D1:C3:CA:DD:68:DD:
1D:AD:22:8D:52:02:21:00:F7:A9:DF:0F:DA:A6:87:64:
51:B4:8C:D6:E7:B1:BD:85:67:FC:46:73:C1:B8:89:FC:
12:CE:3C:C8:42:98:A1:5F

SSL check results of cotse.net