SSL-Tools

SSL check results of dittri.ch

NEW You can also bulk check multiple servers.

Discover if the mail servers for dittri.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 28 Mar 2024 21:12:20 +0000

We can not guarantee a secure connection to the mailservers of dittri.ch!

Please contact the operator of dittri.ch and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/dittri.ch

Servers

Incoming Mails

These servers are responsible for incoming mails to @dittri.ch addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.dittri.ch
2a00:5080:1:a::1
 10
supported
mail.dittri.ch
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mail.dittri.ch
84.38.67.50
 10
supported
mail.dittri.ch
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mail2.dittri.ch
2a01:6c60:1000:1003:ffff:ffff:b40f:ab01
Results incomplete
20 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mail2.dittri.ch
104.128.234.17
Results incomplete
20 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
2 s

Outgoing Mails

We have not received any emails from a @dittri.ch address so far. Test mail delivery

Certificates

First seen at:

CN=mail.dittri.ch

Certificate chain
  • mail.dittri.ch
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.dittri.ch
Alternative Names
  • mail.dittri.ch
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-02-22
Not valid after
2024-05-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
77:8D:97:84:1E:00:9D:1A:C1:79:7D:5B:6A:AB:ED:FA:9F:2F:5D:11:F3:FD:ED:C3:0A:E0:C0:45:7A:B9:02:EA
SHA1
7E:94:65:A8:9E:9A:5A:33:74:7F:5A:5D:1F:7E:43:93:2B:E5:C4:ED
X509v3 extensions
subjectKeyIdentifier
  • 60:A6:71:93:66:13:4D:BD:1F:EB:86:5F:06:F5:B0:8F:4E:8A:FE:38
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Feb 22 17:48:18.127 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:E0:CC:88:D5:4E:EC:56:96:61:8A:65:
  • 2B:0C:29:5D:12:B3:18:63:6A:F0:8C:0F:42:DC:B5:2E:
  • 17:28:01:39:24:02:21:00:8E:4C:EA:6D:9F:89:3D:EE:
  • 2B:A6:C9:CC:B2:9E:99:E1:2F:A7:03:5B:5A:89:91:E4:
  • CF:94:8B:7A:C1:39:43:D0
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Feb 22 17:48:18.905 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:87:A5:29:1F:F5:38:6B:B7:45:36:51:
  • A1:B3:FE:C6:92:32:D2:15:1A:D8:5F:94:57:CA:04:2D:
  • 70:2E:06:B1:D3:02:20:7D:6E:2D:1F:0F:06:25:F8:5B:
  • 5A:04:05:C3:11:23:76:D8:9C:87:99:25:65:7E:60:D2:
  • 8A:BE:A0:C0:60:49:D1