SSL-Tools

SSL check results of kopis.uk

NEW You can also bulk check multiple servers.

Discover if the mail servers for kopis.uk can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 07 Feb 2021 04:59:46 +0000

The mailservers of kopis.uk can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @kopis.uk addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.kopis.uk
2a01:4f8:c17:1f03::1
 10
supported
mail.kopis.uk
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
mail.kopis.uk
49.12.33.46
 10
supported
mail.kopis.uk
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s

Outgoing Mails

We have not received any emails from a @kopis.uk address so far. Test mail delivery

Certificates

First seen at:

CN=mail.kopis.uk

Certificate chain
  • mail.kopis.uk
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption
Subject
Common Name (CN)
  • mail.kopis.uk
Alternative Names
  • autoconfig.kopis.uk
  • autodiscover.kopis.uk
  • mail.kopis.uk
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2021-02-07
Not valid after
2021-05-08
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
11:48:2A:00:68:5A:E1:9A:2E:15:78:A6:73:77:A6:FB:6E:F0:FA:97:EC:6C:A1:0F:6F:9C:07:81:D0:E8:07:EF
SHA1
D2:0F:86:19:24:F9:67:1E:EC:00:40:CE:4F:DA:D4:2C:E4:D2:C2:1A
X509v3 extensions
subjectKeyIdentifier
  • 27:D7:FF:C3:1E:56:C4:AC:4C:78:83:4E:F5:8F:E8:34:2D:14:31:58
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
  • 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
  • Timestamp : Feb 7 03:47:23.020 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:76:0D:42:F5:88:FA:F0:8E:F4:DB:49:36:
  • 7D:5A:4C:A2:F9:F9:66:3B:78:48:AA:A2:75:10:0A:B9:
  • 87:ED:B3:DF:02:20:1D:4E:83:2C:A5:3F:82:3D:1E:2F:
  • 3F:00:4A:E6:0C:80:28:E3:64:88:45:92:56:94:7D:4F:
  • 0D:07:AA:2B:AA:80
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
  • 37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
  • Timestamp : Feb 7 03:47:23.492 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:C9:D8:40:89:7E:62:8A:81:06:7D:07:
  • BE:20:EB:73:5E:CA:79:1E:35:4B:A7:F4:E1:00:AB:1F:
  • E0:61:68:01:80:02:20:3A:04:68:55:32:5A:DA:5B:91:
  • C2:B6:A9:65:51:E0:B6:5B:19:F5:43:F0:7E:C5:CE:96:
  • DE:DF:30:E7:7D:09:E6

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.kopis.uk
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid