SSL-Tools

SSL check results of ksan.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for ksan.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 26 Apr 2026 00:30:24 +0000

The mailservers of ksan.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @ksan.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail1.ksan.de
45.138.59.200
 10
supported
mail1.ksan.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
mail2.ksan.de
45.138.59.201
 20
supported
mail2.ksan.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
7 s

Outgoing Mails

We have not received any emails from a @ksan.de address so far. Test mail delivery

Certificates

First seen at:

CN=mail1.ksan.de

Certificate chain
  • mail1.ksan.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R13
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail1.ksan.de
Alternative Names
  • mail1.ksan.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R13
validity period
Not valid before
2026-04-23
Not valid after
2026-07-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
24:57:30:41:3B:6E:14:14:28:75:19:16:37:24:DE:AB:85:49:CB:1C:5C:33:22:C0:4D:17:98:8B:13:56:A9:E7
SHA1
59:A1:9E:BA:13:78:E6:EE:C4:A7:46:4D:14:EE:7E:E4:5F:88:B4:AC
X509v3 extensions
subjectKeyIdentifier
  • 36:44:E1:37:7A:0E:C1:57:AC:A5:A1:43:65:86:7B:30:81:35:77:BE
authorityKeyIdentifier
  • keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33
authorityInfoAccess
  • CA Issuers - URI:http://r13.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r13.c.lencr.org/74.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CB:38:F7:15:89:7C:84:A1:44:5F:5B:C1:DD:FB:C9:6E:
  • F2:9A:59:CD:47:0A:69:05:85:B0:CB:14:C3:14:58:E7
  • Timestamp : Apr 23 12:57:51.435 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:0F:0E:E9:B1:87:76:78:C9:17:CA:C7:99:
  • C1:B8:CB:34:7D:D3:56:0C:33:D6:CA:BC:80:16:0F:BA:
  • F9:ED:9D:19:02:21:00:80:72:A9:66:5E:F2:7D:2A:8B:
  • 3D:D7:E6:1C:E0:96:44:1C:A0:84:F7:8D:1B:2A:D9:5A:
  • 61:82:9F:94:7B:79:4F
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A8:26:CB:E3:0A:C6:35:12:46:53:3F:E0:65:F1:4F:19:
  • D9:6E:19:08:13:C4:1D:D9:6D:79:00:B3:12:3C:55:27
  • Timestamp : Apr 23 12:57:51.497 2026 GMT
  • Extensions: 00:00:05:00:08:03:22:6B
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:D7:83:B2:19:1E:A1:70:CB:25:17:E1:
  • 7F:B5:BA:0E:D5:DF:5C:65:B5:82:F5:24:BA:0C:90:BF:
  • A4:D0:B0:AB:82:02:21:00:AB:4A:9C:E3:85:C2:F8:25:
  • BF:9E:AB:2C:D0:3A:8B:D2:3F:D6:91:8C:36:7B:9D:20:
  • BE:01:80:60:AE:5B:60:E6
First seen at:

CN=mail2.ksan.de

Certificate chain
  • mail2.ksan.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R12
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail2.ksan.de
Alternative Names
  • mail2.ksan.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R12
validity period
Not valid before
2026-04-23
Not valid after
2026-07-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
14:4E:51:D8:D5:DB:A7:05:31:74:31:4C:B5:25:D9:E0:4A:D1:15:60:FC:00:F5:DE:2D:3C:D3:23:B5:0D:07:94
SHA1
A7:36:78:29:6F:D2:CC:68:E4:C7:28:C8:75:BA:2A:9A:E8:0A:BF:06
X509v3 extensions
subjectKeyIdentifier
  • 04:4D:6F:73:4B:B4:A1:20:68:1B:0C:6D:BA:63:1E:CC:14:E1:2F:A6
authorityKeyIdentifier
  • keyid:00:B5:29:F2:2D:8E:6F:31:E8:9B:4C:AD:78:3E:FA:DC:E9:0C:D1:D2
authorityInfoAccess
  • CA Issuers - URI:http://r12.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r12.c.lencr.org/105.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:AF:86:3D:3B:3E:E5:9F:A5:77:DE:A8:24:5D:36:B0:
  • D9:ED:22:A2:23:F4:61:77:41:22:94:52:EE:95:50:5F
  • Timestamp : Apr 23 12:57:57.730 2026 GMT
  • Extensions: 00:00:05:00:04:A9:83:04
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:01:F5:02:8E:3A:69:DB:E6:CB:88:73:4F:
  • A2:36:09:A2:1E:0A:44:AA:E6:0E:F1:BC:08:D8:A9:4C:
  • D4:2D:B2:08:02:21:00:F3:07:0D:30:26:9A:4B:D5:16:
  • 02:78:9C:97:54:BD:92:0B:D4:51:37:9C:75:A2:85:23:
  • 0B:54:E4:F2:74:5C:CC
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AF:67:88:3B:57:B0:4E:DD:8F:A6:D9:7E:F6:2E:A8:EB:
  • 81:0A:C7:71:60:F0:24:5E:55:D6:0C:2F:E7:85:87:3A
  • Timestamp : Apr 23 12:57:57.872 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:E2:89:D8:EF:7E:AD:EA:34:CC:F0:3B:
  • D5:2D:C1:19:3E:E4:F5:CE:72:B8:72:92:93:2D:4B:9D:
  • E4:E5:DF:9F:24:02:20:74:0A:71:BA:12:A0:9A:4A:0E:
  • 44:5D:B8:4D:94:AA:40:16:0E:F6:60:75:D3:75:40:85:
  • 39:6A:D1:C7:97:D6:6A