SSL-Tools

SSL check results of farbneutral.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for farbneutral.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 18 Apr 2024 11:42:10 +0000

The mailservers of farbneutral.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @farbneutral.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.ud03.udmedia.de
2a05:d580:0:1337::2b
 10
supported
ud03.udmedia.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mail.ud03.udmedia.de
194.117.254.43
 10
supported
ud03.udmedia.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @farbneutral.de address so far. Test mail delivery

Certificates

First seen at:

CN=ud03.udmedia.de

Certificate chain
  • ud03.udmedia.de
    • remaining
    • 256 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • ud03.udmedia.de
Alternative Names
  • mail.ud03.udmedia.de
  • ud03.udmedia.de
  • www.ud03.udmedia.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-17
Not valid after
2024-06-15
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
2B:D2:41:64:8B:FB:5B:97:A6:70:18:82:80:B2:5B:B8:0F:A5:A4:E9:82:6D:8C:B4:6C:89:A8:86:E0:86:61:AA
SHA1
F0:82:C6:8B:98:6B:78:C4:96:73:7A:2B:01:92:27:17:33:73:63:B2
X509v3 extensions
subjectKeyIdentifier
  • 2B:E8:93:40:39:6A:69:58:A3:7E:28:E4:33:AA:83:B3:88:DB:10:82
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Mar 17 01:13:47.158 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:1F:59:95:1E:C6:CD:64:F5:CE:A2:CE:FC:C6:
  • 00:F2:50:83:B3:40:DD:C8:06:74:CA:95:C1:73:E6:19:
  • 68:AF:4D:02:21:00:BF:AC:D7:34:F1:5B:53:64:97:01:
  • AE:12:8C:CC:C1:1F:69:34:26:FF:C4:44:98:4E:8C:00:
  • 94:F4:73:AC:10:F2
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Mar 17 01:13:47.227 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:8C:74:65:CD:F6:B2:69:39:E3:6E:84:
  • D6:42:85:A3:72:9F:7C:54:7E:67:48:40:50:CB:28:82:
  • 99:34:BE:AA:B5:02:21:00:AC:2A:AC:05:B9:CC:7A:E3:
  • D3:7B:BB:35:D0:E1:B8:EE:A8:DF:92:C6:B4:2A:18:75:
  • 88:A9:6F:73:37:8B:F1:77

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.ud03.udmedia.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail.ud03.udmedia.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid