SSL-Tools

SSL check results of gandi.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for gandi.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 24 May 2020 18:36:39 +0000

We can not guarantee a secure connection to the mailservers of gandi.net!

Please contact the operator of gandi.net and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/gandi.net

Servers

Incoming Mails

These servers are responsible for incoming mails to @gandi.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail12.gandi.net
2001:4b98:dc4:5:ae1f:6bff:fe2d:9fdc
Results incomplete
10
supported
not checked
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mail12.gandi.net
217.70.182.73
Results incomplete
10
supported
not checked
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mail8.gandi.net
2001:4b98:dc2:90:217:70:186:186
 30
supported
mail8.gandi.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
14 s
mail8.gandi.net
217.70.186.186
 30
supported
mail8.gandi.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
14 s

Outgoing Mails

We have not received any emails from a @gandi.net address so far. Test mail delivery

Certificates

First seen at:

CN=mail8.gandi.net,OU=Gandi Standard SSL,OU=Domain Control Validated

Certificate chain
  • mail8.gandi.net
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
    • Unknown Authority
      Gandi Standard SSL CA 2
Subject
Organizational Unit (OU)
  • Domain Control Validated
  • Gandi Standard SSL
Common Name (CN)
  • mail8.gandi.net
Alternative Names
  • mail8.gandi.net
  • www.mail8.gandi.net
Issuer
Country (C)
  • FR
State (ST)
  • Paris
Locality (L)
  • Paris
Organization (O)
  • Gandi
Common Name (CN)
  • Gandi Standard SSL CA 2
validity period
Not valid before
2019-07-04
Not valid after
2021-07-04
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
CE:D4:C0:36:1F:EA:60:3C:DE:5A:D7:3D:61:E0:C0:47:F1:EA:18:AC:12:92:60:B6:92:3E:F6:6A:BB:AA:95:D7
SHA1
20:53:6A:F2:39:4D:A4:97:CC:CC:80:84:EB:7C:C4:83:65:AC:11:F4
X509v3 extensions
authorityKeyIdentifier
  • keyid:B3:90:A7:D8:C9:AF:4E:CD:61:3C:9F:7C:AD:5D:7F:41:FD:69:30:EA
subjectKeyIdentifier
  • 97:07:EF:C9:F1:51:14:5C:B0:75:C7:8F:CA:58:B9:3E:ED:FE:67:D7
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.26
  • CPS: https://cps.usertrust.com
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl.usertrust.com/GandiStandardSSLCA2.crl
authorityInfoAccess
  • CA Issuers - URI:http://crt.usertrust.com/GandiStandardSSLCA2.crt
  • OCSP - URI:http://ocsp.usertrust.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
  • 38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
  • Timestamp : Jul 4 09:38:28.856 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:7F:75:D7:9A:31:6B:FD:3D:82:F9:2C:85:
  • 34:2A:A5:3B:75:5F:79:9C:95:B0:F2:AC:2A:3E:AF:A1:
  • F9:41:43:EA:02:20:09:BB:0F:DE:3D:E1:96:98:4C:BA:
  • 81:5E:A6:FF:09:AF:E1:D7:E7:CB:D8:55:7A:BB:11:13:
  • 4C:7E:E1:77:34:C4
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Jul 4 09:38:28.893 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:0D:1F:1A:F6:37:A3:60:8A:D8:9D:61:2B:
  • B0:DC:C2:C2:3D:6D:8C:61:D3:AA:6D:E7:64:95:B7:35:
  • CA:59:DE:86:02:20:50:F8:09:1C:86:63:E4:58:57:22:
  • 91:ED:32:9C:11:E9:62:F0:A5:53:D8:78:0E:7E:DE:65:
  • DD:FD:91:F5:DA:20
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Jul 4 09:38:28.968 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:16:B6:CD:DC:46:4B:00:36:81:62:54:4D:
  • DF:5C:65:92:EB:83:B9:1D:1E:52:F5:F3:BD:3B:C3:A8:
  • 2C:8A:DE:BF:02:21:00:F2:FA:25:46:0C:4E:94:09:56:
  • C3:E7:54:C1:58:A6:99:2C:7E:2A:E7:CC:17:D6:FF:46:
  • 6A:6B:7F:F6:E2:E7:14