SSL-Tools

SSL check results of gandi.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for gandi.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 25 Feb 2025 05:09:53 +0000

No connection to the mailservers of gandi.net could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @gandi.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail12.gandi.net
2001:4b98:dc4:5:ae1f:6bff:fe2d:9fdc
Results incomplete
10
supported
pop.gandi.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mail12.gandi.net
217.70.182.73
Results incomplete
10
supported
pop.gandi.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mail8.gandi.net
2001:4b98:dc2:90:217:70:186:186
Results incomplete
30
supported
mail8.gandi.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mail8.gandi.net
217.70.186.186
Results incomplete
30
supported
mail8.gandi.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @gandi.net address so far. Test mail delivery

Certificates

First seen at:

CN=mail8.gandi.net

Certificate chain
Subject
Common Name (CN)
  • mail8.gandi.net
Alternative Names
  • mail8.gandi.net
  • www.mail8.gandi.net
Issuer
Country (C)
  • FR
Organization (O)
  • Gandi
Common Name (CN)
  • Gandi RSA Domain Validation Secure Server CA 3
validity period
Not valid before
2024-06-05
Not valid after
2025-07-04
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
FD:83:9E:C7:4A:27:C2:79:DA:44:57:CF:06:71:32:60:47:E5:77:E6:1B:97:CC:89:67:2A:6E:F6:A1:0E:F9:24
SHA1
26:CE:69:5A:3B:09:69:46:A2:82:B8:7D:EF:6A:90:D6:83:BB:31:F2
X509v3 extensions
authorityKeyIdentifier
  • keyid:81:11:92:DE:66:32:A5:B0:5B:33:3D:65:43:85:FC:D4:04:2D:F1:AE
subjectKeyIdentifier
  • E3:9E:42:25:CF:ED:7B:F3:2C:FC:C2:9B:CA:EA:50:E1:F3:F4:7C:4A
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.26
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • CA Issuers - URI:http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt
  • OCSP - URI:http://ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Jun 5 12:18:50.116 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:95:DC:64:DF:EC:66:00:04:17:CC:E3:
  • B6:2D:22:9E:09:1D:C7:FB:84:98:C3:64:F3:87:5E:1A:
  • 26:50:33:DD:42:02:21:00:FF:8B:62:AD:93:A2:99:6A:
  • E2:9E:5E:B7:66:77:AF:43:D1:B3:07:80:26:99:FF:14:
  • C7:87:68:24:98:BD:75:DD
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Jun 5 12:18:50.050 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:37:25:05:2A:93:11:75:BD:12:F7:E2:9F:
  • B3:8C:B0:03:74:60:46:38:B6:32:BA:66:1E:71:BA:EE:
  • 7D:FC:08:F8:02:21:00:CD:F4:C3:1A:D8:31:F5:08:02:
  • 73:88:BE:94:D7:D1:B0:AA:C9:27:DF:3F:29:55:86:D7:
  • 4C:72:C1:DB:17:F1:0E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : Jun 5 12:18:50.029 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:C4:2F:EE:58:81:F5:61:9A:5E:75:EB:
  • E7:B4:6F:9A:EC:63:1D:55:CF:36:09:49:CF:7B:96:47:
  • 51:FA:44:40:C2:02:20:78:A9:CA:0A:1F:AD:E7:7D:22:
  • 5C:1E:66:D9:73:9F:4B:06:C8:18:CF:89:E8:10:3C:ED:
  • 0C:62:FC:55:CC:0A:F9
First seen at:

CN=pop.gandi.net

Certificate chain
Subject
Common Name (CN)
  • pop.gandi.net
Alternative Names
  • pop.gandi.net
  • mail10.gandi.net
  • mail12.gandi.net
  • mail4.gandi.net
  • mail8.gandi.net
  • smtp.gandi.net
Issuer
Country (C)
  • FR
Organization (O)
  • Gandi
Common Name (CN)
  • Gandi RSA Domain Validation Secure Server CA 3
validity period
Not valid before
2024-07-01
Not valid after
2025-07-30
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
B9:7B:A3:A3:B5:88:02:E4:40:08:40:F6:E1:DB:32:78:13:EE:A7:27:1D:1D:77:5F:72:B2:1A:16:83:50:98:4A
SHA1
66:39:3F:94:1A:84:A0:B3:BA:42:6D:05:77:90:1B:0D:6B:A8:9E:04
X509v3 extensions
authorityKeyIdentifier
  • keyid:81:11:92:DE:66:32:A5:B0:5B:33:3D:65:43:85:FC:D4:04:2D:F1:AE
subjectKeyIdentifier
  • 49:1C:9E:05:7E:E3:4F:A6:24:56:77:79:BD:F8:83:0C:5F:99:12:08
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.26
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • CA Issuers - URI:http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt
  • OCSP - URI:http://ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Jul 1 12:00:47.837 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:1F:14:22:C0:B7:45:BC:D6:6B:34:29:81:
  • D2:D2:78:F1:E5:DC:BE:DA:DC:9A:51:A2:3B:1F:8B:C3:
  • 25:9E:5D:9C:02:21:00:FC:A5:5B:64:28:FE:E4:3A:1E:
  • E3:A3:5E:12:6B:DC:E4:5C:E6:EE:F6:56:96:A4:F7:2E:
  • 4A:CA:6C:FC:3D:2B:A9
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Jul 1 12:00:47.746 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:6C:23:2F:C2:7F:44:C7:65:89:14:9E:B7:
  • E3:C6:09:DC:9E:00:5F:67:F5:6C:34:37:47:D5:3B:E2:
  • 17:4E:AE:84:02:21:00:BF:16:27:26:CB:E4:64:EE:A6:
  • 71:2F:34:EA:D1:30:19:43:75:50:AB:1D:7F:AF:CD:94:
  • 36:BB:E0:45:E0:A5:32
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : Jul 1 12:00:47.732 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:36:51:6E:77:27:BF:D2:98:22:BC:81:87:
  • 43:3E:F1:75:9F:E9:1D:FE:E0:5D:E0:76:C5:CE:90:90:
  • ED:2A:D1:A1:02:21:00:EC:35:D9:F2:13:E7:98:0C:F6:
  • 0E:67:2E:98:56:E8:25:1C:76:93:14:0E:5A:78:F5:A4:
  • E3:6E:80:EC:9A:DA:9E