SSL-Tools

SSL check results of finn.io

NEW You can also bulk check multiple servers.

Discover if the mail servers for finn.io can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 22 Feb 2024 06:47:10 +0000

The mailservers of finn.io can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @finn.io addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.janky.email
206.168.92.200
 10
supported
mx1.janky.email
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
16 s

Outgoing Mails

We have not received any emails from a @finn.io address so far. Test mail delivery

Certificates

First seen at:

CN=mx1.janky.email

Certificate chain
  • mx1.janky.email
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mx1.janky.email
Alternative Names
  • janky.email
  • mx1.janky.email
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-02-20
Not valid after
2024-05-20
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
2F:67:D9:D4:AB:8E:54:74:60:B4:B1:65:EA:54:AC:F3:17:B8:E7:E7:35:0E:77:5A:C8:B9:B7:73:7D:14:C4:3F
SHA1
1E:4D:A3:FE:F6:3D:ED:CB:66:7A:94:25:D2:94:1B:CE:35:7A:53:B6
X509v3 extensions
subjectKeyIdentifier
  • F1:8C:50:A9:57:02:A3:50:CF:74:B8:A8:62:48:AC:66:00:19:CE:44
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Feb 20 19:54:38.173 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B9:ED:D2:39:99:96:32:95:2D:7F:DC:
  • 66:FC:34:7A:25:0B:53:6B:0C:EA:6C:0F:30:E9:CB:46:
  • 6C:94:FC:19:37:02:20:72:D1:3F:A1:1E:0A:ED:77:DC:
  • F8:19:43:C2:20:6A:00:BC:06:C1:5D:2A:C0:61:3D:3C:
  • 23:D7:98:A4:27:B9:7D
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Feb 20 19:54:38.191 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:58:8A:31:DD:76:36:A5:FD:65:04:AA:9D:
  • EB:AA:FC:78:27:26:97:49:97:40:57:7D:44:3C:71:E4:
  • 8F:A3:39:6D:02:20:74:74:E3:D6:5B:0C:5E:BF:BE:59:
  • CC:49:1E:26:FB:EF:AC:D9:F5:B5:50:4A:33:38:E6:3C:
  • BF:78:D8:5F:C5:A6

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.janky.email
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid