SSL-Tools

SSL check results of huawei.com

NEW You can also bulk check multiple servers.

Discover if the mail servers for huawei.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 08 Jun 2020 08:11:51 +0000

The mailservers of huawei.com can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @huawei.com addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx5.huawei.com
103.218.216.136
 10
supported
huawei.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
25 s
mx6.huawei.com
185.176.76.214
 20
supported
huawei.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
13 s
mx7.huawei.com
168.195.93.46
 20
supported
huawei.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
27 s
mx8.his.huawei.com
103.69.140.246
 30
supported
huawei.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
22 s

Outgoing Mails

We have not received any emails from a @huawei.com address so far. Test mail delivery

Certificates

First seen at:

emailAddress=liqi65@huawei.com,CN=huawei.com,OU=IT,O=HUAWEI,ST=pkiNo 279329,DC=caName sha256,DC=appName anti-spam system,C=CN

Certificate chain
  • huawei.com
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
    • Hostname Mismatch
    • Unknown Authority
      HWIT Enterprise CA 1
Subject
Country (C)
  • CN
Domain Component (DC)
  • appName anti-spam system
  • caName sha256
State (ST)
  • pkiNo 279329
Organization (O)
  • HUAWEI
Organizational Unit (OU)
  • IT
Common Name (CN)
  • huawei.com
Email
  • liqi65@huawei.com
Alternative Names
  • huawei.com
Issuer
Common Name (CN)
  • HWIT Enterprise CA 1
validity period
Not valid before
2019-11-08
Not valid after
2024-11-06
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Client Authentication
  • Microsoft Server Gated Crypto
  • Netscape Server Gated Crypto
  • TLS Web Server Authentication
Fingerprints
SHA256
2F:C3:25:12:62:6A:74:5E:1A:DA:12:04:62:39:5C:A8:69:34:A8:DE:60:CF:20:75:CC:C4:6F:FE:6C:DA:0E:0B
SHA1
E9:16:3F:9B:BB:CE:95:46:E1:92:9B:8D:22:64:F1:B6:79:E7:8C:91
X509v3 extensions
1_3_6_1_4_1_311_21_7
  • 0/.'+.....7.....J...w...........'.T...K......d...
1_3_6_1_4_1_311_21_10
  • 030
  • ..+.......0..
  • +.....7
  • ..0...`.H...B..0
  • ..+.......
subjectKeyIdentifier
  • 8E:FC:00:44:9E:39:0F:FB:52:37:C4:6E:91:60:A7:68:11:96:BB:D1
authorityKeyIdentifier
  • keyid:A6:B4:C7:2B:52:1F:A0:78:B9:86:29:6B:42:26:0D:42:45:E7:14:BB
crlDistributionPoints
  • Full Name:
  • URI:http://hwitpki.huawei.com/crl/HWIT%20Enterprise%20CA%201.crl
authorityInfoAccess
  • CA Issuers - URI:http://hwitpki.huawei.com/aia/HWIT%20Enterprise%20CA%201.crt
  • OCSP - URI:http://hwitpki.huawei.com/ocsp