SSL check results of disked.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for disked.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Thu, 24 Nov 2022 10:15:25 +0000

The mailservers of disked.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @disked.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.disked.de
2a03:4000:19:1c6::10
10
supported
*.disked.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s
mail.disked.de
46.38.255.210
10
supported
*.disked.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s

Outgoing Mails

We have not received any emails from a @disked.de address so far. Test mail delivery

Certificates

First seen at:

CN=*.disked.de

Certificate chain
  • *.disked.de
    • remaining
    • 384 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption

Subject
Common Name (CN)
  • *.disked.de
Alternative Names
  • *.disked.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2022-10-18
Not valid after
2023-01-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
CA:F9:35:78:DC:48:AE:9C:14:89:DF:00:87:0F:CA:9B:5F:AE:51:93:E6:5C:3E:B3:9F:73:8E:2C:CC:D7:BF:69
SHA1
8D:10:BC:BF:21:C7:04:F1:2C:38:B9:CC:FC:D0:9B:E7:B7:6A:79:92
X509v3 extensions
subjectKeyIdentifier
  • 76:D2:91:7E:9F:C1:AC:E3:F8:B5:84:6D:64:6E:41:78:FD:45:29:20
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
  • 16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
  • Timestamp : Oct 18 21:57:08.728 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:65:50:36:EF:70:18:FD:7F:33:41:3E:76:
  • 96:79:9D:E3:D5:53:3F:68:52:34:4F:B4:88:1D:64:E4:
  • A7:A4:A6:F5:02:21:00:D4:19:53:7E:59:37:D8:47:E4:
  • 8F:5B:48:30:3E:12:9C:69:85:11:51:92:93:4F:1E:AF:
  • C6:42:18:27:F4:3D:BB
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
  • B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
  • Timestamp : Oct 18 21:57:08.752 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:BE:73:2D:8D:B7:3F:93:4C:12:2C:1D:
  • 54:16:3C:BB:4E:EA:E9:0D:CD:67:A2:D1:CC:9A:B8:19:
  • 5E:FA:BF:87:F2:02:20:0D:3D:57:5B:2E:CC:04:3E:36:
  • 48:B6:87:7A:DD:9B:F3:E2:E3:0B:FB:47:C0:7D:F9:49:
  • 59:3D:6B:C1:EF:B4:63

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.disked.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid