SSL-Tools

SSL check results of jnkg.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for jnkg.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 06 Oct 2022 07:05:01 +0000

We can not guarantee a secure connection to the mailservers of jnkg.de!

Please contact the operator of jnkg.de and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/jnkg.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @jnkg.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
witt.jnkg.de
80.151.214.167
 100
supported
ex2016.witt.jnkg.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
witt-lte.jupi-networks.com
37.80.64.105
Results incomplete
200 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s

Outgoing Mails

We have received emails from these servers with @jnkg.de sender addresses. Test mail delivery

Host TLS Version & Cipher
smtprelay03.ispgateway.de (80.67.18.15)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=ex2016.witt.jnkg.de

Certificate chain
  • ex2016.witt.jnkg.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
    • Hostname Mismatch
    • Unknown Authority
      witt-DC-CA
Subject
Common Name (CN)
  • ex2016.witt.jnkg.de
Alternative Names
  • ex2016.witt.jnkg.de
Issuer
Domain Component (DC)
  • de
  • jnkg
  • witt
Common Name (CN)
  • witt-DC-CA
validity period
Not valid before
2022-10-05
Not valid after
2024-10-04
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
18:23:84:C6:AD:7F:CE:EE:31:59:B6:35:1F:5A:BB:33:6A:91:65:B7:BC:B7:5B:EA:0F:2E:44:B6:05:C8:32:B0
SHA1
AB:44:B3:C5:43:BD:80:4D:C7:17:16:CB:19:DE:A6:5B:B5:6F:15:6E
X509v3 extensions
subjectKeyIdentifier
  • 90:F4:D8:54:6E:BC:A7:C5:0E:0C:20:FB:BE:2B:15:D7:53:78:86:E0
authorityKeyIdentifier
  • keyid:12:8C:07:F3:45:AB:50:3A:51:91:A3:9F:2B:2B:D8:CD:E1:C0:0D:D6
crlDistributionPoints
  • Full Name:
  • URI:ldap:///CN=witt-DC-CA,CN=DC00,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=witt,DC=jnkg,DC=de?certificateRevocationList?base?objectClass=cRLDistributionPoint
authorityInfoAccess
  • CA Issuers - URI:ldap:///CN=witt-DC-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=witt,DC=jnkg,DC=de?cACertificate?base?objectClass=certificationAuthority
1_3_6_1_4_1_311_20_2
  • ...W.e.b.S.e.r.v.e.r