SSL check results of it-hempel.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for it-hempel.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sat, 14 Dec 2019 19:51:05 +0000

The mailservers of it-hempel.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @it-hempel.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
dionysos.it-hempel.de
2a01:4f8:192:54f6::2
10
supported
dionysos.it-hempel.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
dionysos.it-hempel.de
144.76.109.248
10
supported
dionysos.it-hempel.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s

Outgoing Mails

We have received emails from these servers with @it-hempel.de sender addresses. Test mail delivery

Host TLS Version & Cipher
dionysos.it-hempel.de (144.76.109.248)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
dionysos.it-hempel.de (IPv6:2a01:4f8:192:54f6::2)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=dionysos.it-hempel.de

Certificate chain
Subject
Common Name (CN)
  • dionysos.it-hempel.de
Alternative Names
  • cloud.it-hempel.de
  • dionysos.it-hempel.de
  • fever.it-hempel.de
  • it-hempel.de
  • lists.it-hempel.de
  • wallabag.it-hempel.de
  • wallabag2.it-hempel.de
  • www.it-hempel.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2019-11-06
Not valid after
2020-02-04
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
6F:F0:F2:1D:EA:FA:5A:14:5C:E8:F1:B7:FC:2D:44:7A:21:3D:7E:B5:0E:13:4B:A3:F2:62:A7:31:3E:EE:6C:3A
SHA1
A9:36:13:37:1B:6B:14:F7:ED:7E:74:A4:52:A7:6C:16:57:AE:43:7D
X509v3 extensions
subjectKeyIdentifier
  • A1:6D:24:05:86:10:A2:FD:B1:91:0A:4E:31:85:A2:17:59:8A:04:C3
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Nov 6 16:54:25.262 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:88:A7:3B:1D:D3:88:35:B9:1A:26:D8:
  • 04:1E:98:3A:72:7C:15:FC:81:95:8E:54:D1:38:CD:C1:
  • 44:9C:99:45:C4:02:20:33:A2:3E:11:50:EB:66:9A:50:
  • 9D:3B:0F:2C:5A:3A:B9:EE:E1:06:CE:4C:91:A7:A2:09:
  • DE:BC:EC:3A:D9:CE:89
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 07:B7:5C:1B:E5:7D:68:FF:F1:B0:C6:1D:23:15:C7:BA:
  • E6:57:7C:57:94:B7:6A:EE:BC:61:3A:1A:69:D3:A2:1C
  • Timestamp : Nov 6 16:54:25.134 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:5D:07:C8:87:22:CB:B1:27:E5:BA:B4:7F:
  • 4C:F5:44:68:EB:EA:C2:8A:53:99:1F:96:F5:84:EE:3A:
  • 58:0D:CA:91:02:21:00:E5:4C:C5:1C:9C:7D:E8:1A:CE:
  • 9F:3E:DB:48:98:FF:77:C0:24:F3:9F:AE:F5:4D:98:68:
  • 14:D0:3F:33:79:B6:16