SSL check results of dargels.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for dargels.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Wed, 16 Mar 2022 19:13:11 +0000

The mailservers of dargels.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @dargels.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.dargels.de
135.181.13.133
10
supported
mdol-nethserver.dargels.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
12 s

Outgoing Mails

We have not received any emails from a @dargels.de address so far. Test mail delivery

Certificates

First seen at:

CN=mdol-nethserver.dargels.de

Certificate chain
  • mdol-nethserver.dargels.de
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption

Subject
Common Name (CN)
  • mdol-nethserver.dargels.de
Alternative Names
  • collabora.dargels.de
  • dargels.de
  • dev.dargels.de
  • imap.dargels.de
  • imap.myancestry.de
  • isi-dev.dargels.de
  • mail.dargels.de
  • mail.myancestry.de
  • mdol-nethserver.dargels.de
  • myancestry.de
  • nextcloud.dargels.de
  • piler.dargels.de
  • smtp.dargels.de
  • smtp.myancestry.de
  • stephdl.dargels.de
  • wp.dargels.de
  • www.dargels.de
  • www.myancestry.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2022-02-13
Not valid after
2022-05-14
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
40:F9:FE:E9:E3:A5:C1:A9:68:E0:FE:D3:F1:D4:12:1C:65:8B:7B:09:97:73:D9:32:4B:B2:7C:A2:9B:7C:9F:D3
SHA1
4B:5B:1C:F9:B9:25:5F:9F:AE:0F:C4:4F:29:ED:01:E2:4F:24:0E:8B
X509v3 extensions
subjectKeyIdentifier
  • C1:28:3E:A0:2F:FB:C3:94:4A:2B:D2:49:05:9A:02:77:5C:4E:B7:59
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
  • 4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
  • Timestamp : Feb 13 11:09:18.201 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:14:2F:65:0E:8C:B4:9C:76:47:04:66:F0:
  • 99:42:02:70:01:DE:54:CE:21:0F:69:D3:1E:09:B1:18:
  • 57:B5:DD:28:02:21:00:FC:7D:B9:80:0B:CA:90:22:F7:
  • 59:4A:29:8A:5C:FF:00:4D:83:43:F2:EA:99:82:86:E4:
  • FB:30:64:8B:68:78:7D
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:
  • 11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47
  • Timestamp : Feb 13 11:09:18.229 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A7:57:BD:A8:75:6D:19:89:BA:3B:49:
  • 7E:C8:96:60:D8:A4:DF:AF:48:D9:80:89:48:DE:64:28:
  • 99:38:16:07:C6:02:20:43:7D:84:81:D5:63:B3:B6:1E:
  • E7:8A:0B:3D:BB:27:B2:D4:C0:30:F2:8F:74:B1:AA:71:
  • 1B:C3:2F:24:D9:D7:F4

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.dargels.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid