SSL-Tools

SSL check results of hs-cl.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for hs-cl.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 19 May 2025 00:31:22 +0000

The mailservers of hs-cl.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @hs-cl.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.hs-cl.de
2a01:4f8:1c1b:c25c::1
 20
supported
mail.hs-cl.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
8 s
mail.hs-cl.de
188.245.158.169
 20
supported
mail.hs-cl.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s

Outgoing Mails

We have not received any emails from a @hs-cl.de address so far. Test mail delivery

Certificates

First seen at:

CN=mail.hs-cl.de

Certificate chain
  • mail.hs-cl.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.hs-cl.de
Alternative Names
  • autoconfig.hs-cl.de
  • autoconfig.projector-calc.net
  • autodiscover.hs-cl.de
  • autodiscover.projector-calc.net
  • mail.hs-cl.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-03-28
Not valid after
2025-06-26
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
2A:5C:ED:51:5D:FB:E8:50:12:FC:BA:E2:DA:85:72:C1:5A:C9:17:80:9E:98:68:3A:7F:BA:D9:BE:FA:88:66:18
SHA1
49:1D:BA:9E:D6:9D:B2:70:28:F4:4B:15:4B:C6:EA:F4:52:F2:22:D2
X509v3 extensions
subjectKeyIdentifier
  • 06:6C:4E:DF:9C:E5:11:87:F3:EC:26:48:ED:A4:44:73:D8:4E:B0:35
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r11.c.lencr.org/102.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Mar 28 08:40:38.137 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:7B:F1:E0:4B:89:C3:DA:3A:9F:B7:4A:12:
  • 01:3B:BE:CF:B4:DE:58:52:86:8A:0F:DA:3F:AC:42:CE:
  • 5B:36:A5:DE:02:21:00:A8:30:FB:30:B3:1D:94:62:3D:
  • 32:30:6A:EE:A5:8C:00:23:2A:87:AA:3F:E2:25:59:7D:
  • E9:2D:4D:15:68:A0:8D
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
  • 16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
  • Timestamp : Mar 28 08:40:40.617 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:BF:39:6B:50:BD:EE:51:DE:C3:83:A8:
  • B6:AD:08:1A:68:03:C1:DD:35:C1:27:ED:06:9B:7B:6E:
  • 66:BA:BD:8E:21:02:21:00:DB:34:65:5F:FF:6A:A4:B9:
  • 9D:6B:75:97:18:2F:4B:68:8F:B6:3C:72:FB:8B:E7:0F:
  • 59:5C:A1:1A:28:F6:1D:3F