SSL-Tools

SSL check results of halbe.com

NEW You can also bulk check multiple servers.

Discover if the mail servers for halbe.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 05 Nov 2024 11:09:42 +0000

The mailservers of halbe.com can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @halbe.com addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.itbh.de
31.209.124.133
 10
supported
mail.itbh.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s
mail.halbe.com
178.210.125.66
Results incomplete
20
supported
mail.halbe.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @halbe.com address so far. Test mail delivery

Certificates

First seen at:

CN=mail.itbh.de

Certificate chain
  • mail.itbh.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.itbh.de
Alternative Names
  • mail.itbh.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-10-21
Not valid after
2025-01-19
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
0B:D3:72:BA:EE:E6:DA:B5:B2:D1:13:42:64:7A:25:27:C6:B4:51:A5:1F:E3:E2:41:2A:E3:35:59:C3:71:E1:9E
SHA1
33:C5:34:FC:7E:2A:53:31:85:21:18:BA:25:3A:EF:35:33:45:98:D6
X509v3 extensions
subjectKeyIdentifier
  • 8C:E8:58:A3:D6:2E:D6:21:77:6B:D3:24:96:5A:3F:B2:CA:7C:1A:C4
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
  • 1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
  • Timestamp : Oct 21 13:57:30.523 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:EA:DC:84:0C:BF:BF:21:71:2E:EE:44:
  • 9C:4D:F9:20:3B:7D:53:32:B7:DF:20:76:95:15:3A:E7:
  • A2:55:AE:A9:E5:02:21:00:B7:5A:1D:8A:15:80:95:99:
  • AE:97:46:F8:2D:EA:66:63:87:A5:F9:A6:C9:64:B1:BF:
  • B4:2F:B5:C7:A9:80:27:FA
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
  • 16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
  • Timestamp : Oct 21 13:57:30.646 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:A3:63:D6:8E:D5:15:E7:2E:17:28:E8:
  • 7F:39:AE:D9:46:58:24:82:72:2D:B6:EF:17:45:6A:44:
  • 89:34:B3:49:42:02:21:00:DE:24:FE:9A:EC:A2:2D:7A:
  • 0A:41:CB:25:24:F7:38:FB:AB:17:25:E0:5F:2F:5B:47:
  • C0:4A:1D:41:A0:D6:DE:85
First seen at:

CN=mail.halbe.com

Certificate chain
Subject
Common Name (CN)
  • mail.halbe.com
Alternative Names
  • mail.halbe.com
Issuer
Country (C)
  • AT
Organization (O)
  • ZeroSSL
Common Name (CN)
  • ZeroSSL RSA Domain Secure Site CA
validity period
Not valid before
2024-08-19
Not valid after
2025-08-19
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
71:31:1B:5B:6A:94:54:B6:CF:1E:D0:86:6A:55:54:EB:1B:92:8C:03:9B:0D:0D:DA:8D:67:2C:2A:6B:84:F8:9D
SHA1
D7:3A:D2:B0:B1:31:54:1E:29:20:DA:E7:EF:DC:68:11:86:B6:58:36
X509v3 extensions
authorityKeyIdentifier
  • keyid:C8:D9:78:68:A2:D9:19:68:D5:3D:72:DE:5F:0A:3E:DC:B5:86:86:A6
subjectKeyIdentifier
  • 12:8A:DF:40:13:6A:D6:21:CD:FD:51:A0:3F:7B:A2:7C:78:9B:AF:79
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.78
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • CA Issuers - URI:http://zerossl.crt.sectigo.com/ZeroSSLRSADomainSecureSiteCA.crt
  • OCSP - URI:http://zerossl.ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Aug 19 06:13:40.334 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:89:33:4D:FE:6A:01:FA:47:43:69:2C:
  • 9D:6A:96:44:D1:58:8D:46:1F:F6:49:55:ED:FA:B9:9F:
  • 8D:6E:3E:92:25:02:21:00:FC:CC:91:54:BB:2E:73:5C:
  • FE:90:8D:36:A7:1E:CC:99:75:0C:A2:FD:7A:B3:6C:5B:
  • DF:2C:72:50:45:3E:2C:CA
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Aug 19 06:13:40.271 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:6C:F5:D0:F2:9A:8E:02:0D:D7:57:21:04:
  • CC:5E:EC:B5:CF:5F:33:05:5A:D2:19:D8:FF:02:6D:4A:
  • E9:91:8D:56:02:21:00:B6:25:7A:88:78:5E:15:D1:CC:
  • 8B:B9:AE:14:5C:C2:CA:2F:0D:D9:A8:A7:A0:E7:B5:7C:
  • 83:8A:5E:40:6A:50:80
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : Aug 19 06:13:40.224 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A9:1D:D9:95:B0:0C:15:21:FD:93:83:
  • E6:6A:0A:44:39:0D:68:BB:2C:46:AD:37:D6:09:14:DB:
  • 56:A3:7F:C3:3E:02:20:2A:FC:03:35:37:3E:B0:EA:30:
  • 5E:F2:2C:40:0D:3D:F6:F2:5C:68:DD:26:C3:F9:1E:18:
  • 91:21:D7:C9:94:80:14

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.itbh.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-512 Hash
valid
valid
_25._tcp.mail.halbe.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid