SSL check results of craynic.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for craynic.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Thu, 01 Aug 2024 14:52:32 +0000

The mailservers of craynic.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @craynic.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx.mail.craynic.net
143.244.207.82
10
supported
mail.craynic.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s

Outgoing Mails

We have not received any emails from a @craynic.net address so far. Test mail delivery

Certificates

First seen at:

CN=mail.craynic.net

Certificate chain
  • mail.craynic.net
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption

      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption

Subject
Common Name (CN)
  • mail.craynic.net
Alternative Names
  • admin.mail.craynic.net
  • autoconfig.mail.craynic.net
  • autodiscover.mail.craynic.net
  • imap.mail.craynic.net
  • imap4.mail.craynic.net
  • mail.craynic.net
  • mx.mail.craynic.net
  • out.mail.craynic.net
  • pop.mail.craynic.net
  • pop3.mail.craynic.net
  • smtp.mail.craynic.net
  • srs.mail.craynic.net
  • submission.mail.craynic.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-07-30
Not valid after
2024-10-28
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
4B:E7:54:3E:12:DF:40:29:93:AC:CE:2E:DC:0D:5E:DA:9B:54:A2:CF:9A:26:90:F3:76:FC:CD:D6:0E:C7:2C:52
SHA1
10:11:56:1B:09:46:6F:27:F4:D8:C5:91:79:77:4D:5B:BD:15:24:00
X509v3 extensions
subjectKeyIdentifier
  • BC:25:1F:21:A4:5E:03:0F:E3:B4:79:6C:DE:CD:E1:80:14:1A:73:BC
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Jul 30 06:36:38.796 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:74:97:E2:98:49:E1:DB:6C:C5:78:0C:ED:
  • 49:2F:5E:98:79:76:78:03:FD:E9:0E:77:B0:13:1A:49:
  • FC:79:C2:C6:02:20:34:82:92:B0:88:47:CC:88:1B:EA:
  • 0B:13:77:46:8A:C1:7D:C3:D8:75:83:44:15:C4:78:F1:
  • 12:98:73:A0:50:17
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
  • 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
  • Timestamp : Jul 30 06:36:38.984 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:5D:70:22:37:99:2A:20:5D:B9:11:D7:D0:
  • 85:4E:ED:EE:81:6E:96:5E:B6:B5:D3:CE:C1:30:7E:9C:
  • FB:D8:89:E8:02:20:62:EF:64:25:51:1D:83:89:35:D6:
  • E2:BF:91:BE:FF:16:D0:1C:53:89:68:21:A7:86:39:1E:
  • 6F:04:90:D9:C4:63