SSL check results of dettmanns.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for dettmanns.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sat, 21 Nov 2020 14:41:01 +0000

We can not guarantee a secure connection to the mailservers of dettmanns.de!

Please contact the operator of dettmanns.de and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/dettmanns.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @dettmanns.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
cubian.hubiuwe.de
2a02:a00:e012:4b10::1:10
10
supported
hubiuwe.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
12 s
cubian.hubiuwe.de
46.41.1.145
10
supported
hubiuwe.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
11 s
schorsch.dettmanns.de
2a02:180:6:1::20e2
Results incomplete
20
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
15 s
schorsch.dettmanns.de
91.143.80.181
Results incomplete
20
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
15 s

Outgoing Mails

We have not received any emails from a @dettmanns.de address so far. Test mail delivery

Certificates

First seen at:

CN=hubiuwe.de

Certificate chain
Subject
Common Name (CN)
  • hubiuwe.de
Alternative Names
  • cubian.hubiuwe.de
  • hubiuwe.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2020-10-18
Not valid after
2021-01-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
48:5D:BB:F8:A8:86:4A:37:3E:D0:7F:CF:0F:62:88:6D:7C:16:5E:CE:96:1A:9E:C5:BD:3E:85:C4:B4:1F:89:20
SHA1
02:63:38:B5:BA:C1:EF:F3:D4:27:29:EC:7B:9B:C1:99:19:A2:5C:22
X509v3 extensions
subjectKeyIdentifier
  • 2B:77:39:4B:AA:B5:28:14:DB:1E:31:2F:BA:DB:1F:97:A1:89:43:37
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Oct 18 10:18:22.378 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:5F:4D:05:8A:58:94:C6:25:10:B4:85:A0:
  • B6:B7:C0:6F:D8:87:54:3E:4A:48:3C:A8:A0:6F:0A:BC:
  • 84:5D:22:DD:02:21:00:B8:20:5E:81:33:E4:E2:DD:D0:
  • 6A:CC:76:5D:C4:08:31:C0:02:05:A1:85:BA:C6:9A:EF:
  • 4D:BC:62:55:53:8F:CF
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
  • 37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
  • Timestamp : Oct 18 10:18:22.893 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1F:67:22:17:57:5A:34:92:25:90:60:D0:
  • 67:CB:EF:5B:E5:7B:76:84:A1:B2:40:F7:1A:CC:45:48:
  • 75:81:86:2B:02:20:5C:81:60:B9:10:A2:1A:39:9F:7C:
  • 0C:23:F0:A0:29:B9:A8:59:04:1B:0E:05:09:9C:F3:EB:
  • EF:48:7A:0C:D7:FD

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.cubian.hubiuwe.de
  • PKIX-EE: Service Certificate Constraint
  • Use subject public key
  • SHA-256 Hash
error
Debug
valid
_25._tcp.cubian.hubiuwe.de
  • PKIX-EE: Service Certificate Constraint
  • Use subject public key
  • SHA-256 Hash
error
Debug