SSL-Tools

SSL check results of jochenkirchner.photos

NEW You can also bulk check multiple servers.

Discover if the mail servers for jochenkirchner.photos can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 08 Apr 2026 18:40:14 +0000

The mailservers of jochenkirchner.photos can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @jochenkirchner.photos addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.jochenkirchner.photos
2a01:4f8:221:26af:1337:d34d:ac1d:b33f
 10
supported
mail.jochenkirchner.photos
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mail.jochenkirchner.photos
88.99.199.2
 10
supported
mail.jochenkirchner.photos
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @jochenkirchner.photos address so far. Test mail delivery

Certificates

First seen at:

CN=mail.jochenkirchner.photos

Certificate chain
  • mail.jochenkirchner.photos
    • remaining
    • 256 bit
    • ecdsa-with-SHA384
      • E7
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.jochenkirchner.photos
Alternative Names
  • imap.jochenkirchner.photos
  • mail.jochenkirchner.photos
  • smtp.jochenkirchner.photos
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E7
validity period
Not valid before
2026-04-06
Not valid after
2026-07-05
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
Fingerprints
SHA256
48:E2:F3:AC:C8:55:34:D2:CC:BE:80:92:31:6F:8C:CF:54:89:24:25:17:43:E6:FD:DF:95:D1:31:29:5A:54:52
SHA1
E5:73:70:A1:1F:A1:D2:3D:FC:B1:36:5C:E7:A3:F3:D8:54:F4:FE:60
X509v3 extensions
subjectKeyIdentifier
  • DC:9D:22:78:6F:8A:91:90:C3:E4:A1:EA:E8:B7:28:4B:15:CA:16:E1
authorityKeyIdentifier
  • keyid:AE:48:9E:DC:87:1D:44:A0:6F:DA:A2:E5:60:74:04:78:C2:9C:00:80
authorityInfoAccess
  • CA Issuers - URI:http://e7.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://e7.c.lencr.org/14.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:AF:86:3D:3B:3E:E5:9F:A5:77:DE:A8:24:5D:36:B0:
  • D9:ED:22:A2:23:F4:61:77:41:22:94:52:EE:95:50:5F
  • Timestamp : Apr 6 09:42:21.329 2026 GMT
  • Extensions: 00:00:05:00:03:24:4A:CE
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B2:01:3C:5A:CD:27:9B:19:C3:98:7E:
  • 76:51:B0:63:5D:F3:67:F5:5A:9B:4C:E8:01:3D:C0:AA:
  • D9:10:9C:71:CE:02:20:6C:4C:6A:C7:3C:9F:58:6E:9C:
  • 79:01:DD:7F:00:8E:7A:2D:17:05:F1:B0:43:F5:E8:75:
  • D8:7E:B1:0C:A8:D0:A3
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : D8:09:55:3B:94:4F:7A:FF:C8:16:19:6F:94:4F:85:AB:
  • B0:F8:FC:5E:87:55:26:0F:15:D1:2E:72:BB:45:4B:14
  • Timestamp : Apr 6 09:42:21.260 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:9A:8D:47:25:D0:87:11:0D:60:93:44:
  • 66:EC:7F:43:47:3D:30:FA:2F:B9:2B:F4:0B:F9:A0:5C:
  • C1:29:A7:F1:19:02:21:00:D2:20:EA:27:82:7A:9C:73:
  • F6:55:DE:37:C5:CF:32:AE:AA:31:82:A3:F9:7E:3E:94:
  • 85:DF:C4:8B:D0:BA:A9:24

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.jochenkirchner.photos
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid