SSL check results of jo-it.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for jo-it.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Tue, 16 Jul 2019 11:55:38 +0000

We can not guarantee a secure connection to the mailservers of jo-it.de!

Please contact the operator of jo-it.de and ask him or her to solve this problem. This result stays accessible under the following address:

https://ssl-tools.net/mailservers/jo-it.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @jo-it.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mailgate.jo-it.de
2003:a:a0b:d510::206
Results incomplete
10 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
mailgate.jo-it.de
80.147.11.224
10
supported
gw1.jo-it.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
5 s
joit2.dnsdojo.net
188.99.4.159
20
supported
gw1.jo-it.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
6 s
gw1.jo-it.de
80.147.11.224
101
supported
gw1.jo-it.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
5 s

Outgoing Mails

We have not received any emails from a @jo-it.de address so far. Test mail delivery

Certificates

First seen at:

CN=gw1.jo-it.de

Certificate chain
Subject
Common Name (CN)
  • gw1.jo-it.de
Alternative Names
  • gw1.jo-it.de
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • Encryption Everywhere DV TLS CA - G2
validity period
Not valid before
2019-04-25
Not valid after
2020-04-24
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
E6:C3:83:86:14:F2:8D:A1:0A:C5:8D:76:07:1C:13:5E:EA:C8:D9:AD:95:FE:62:1F:78:C9:52:5C:86:72:81:1D
SHA1
28:9A:48:39:15:38:16:AF:FE:FA:98:ED:F5:E0:87:38:9E:00:8D:B3
X509v3 extensions
authorityKeyIdentifier
  • keyid:78:DF:91:90:5F:EE:DE:AC:F6:C5:75:EB:D5:4C:55:53:EF:24:4A:B6
subjectKeyIdentifier
  • F9:AA:5B:48:4E:5F:7A:BB:2B:8F:03:FF:F1:DD:D0:54:0C:79:70:6C
certificatePolicies
  • Policy: 2.16.840.1.114412.1.2
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • OCSP - URI:http://ocsp.digicert.com
  • CA Issuers - URI:http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:4B:BD:B7:75:CE:60:BA:E1:42:69:1F:AB:E1:9E:66:
  • A3:0F:7E:5F:B0:72:D8:83:00:C4:7B:89:7A:A8:FD:CB
  • Timestamp : Apr 25 15:22:57.614 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:D6:81:9F:8F:B7:8A:03:89:92:1A:D4:
  • 93:09:A6:2C:45:BE:F2:44:77:E5:AB:09:02:EB:A2:D5:
  • 7F:24:93:15:E1:02:21:00:97:D0:97:74:46:B0:AF:1A:
  • 05:F2:A8:BD:1E:14:92:86:05:7D:C6:9F:0A:19:CE:34:
  • 2F:74:05:72:A6:DC:3A:37
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5E:A7:73:F9:DF:56:C0:E7:B5:36:48:7D:D0:49:E0:32:
  • 7A:91:9A:0C:84:A1:12:12:84:18:75:96:81:71:45:58
  • Timestamp : Apr 25 15:22:57.513 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:E3:A8:37:15:B9:D9:74:80:47:B0:EF:
  • 92:48:0E:11:EF:97:43:0F:8F:C4:30:5A:0E:FA:56:BE:
  • A4:5B:67:AA:21:02:21:00:9B:67:6A:04:0E:2A:C5:29:
  • C6:30:DB:CD:F1:3D:B1:6E:93:E0:5F:99:18:4B:0F:D8:
  • AD:FB:D1:83:39:9E:34:8A