SSL-Tools

SSL check results of mail.sslgate.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for mail.sslgate.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 13 Apr 2026 00:30:35 +0000

The mailservers of mail.sslgate.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail.sslgate.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.sslgate.net
85.214.228.240
 -
supported
mail.sslgate.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mail.sslgate.net
2a01:238:4283:a500:c6c4:cc0f:6535:72d0
 -
supported
mail.sslgate.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @mail.sslgate.net address so far. Test mail delivery

Certificates

First seen at:

CN=mail.sslgate.net

Certificate chain
  • mail.sslgate.net
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R13
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.sslgate.net
Alternative Names
  • mail.sslgate.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R13
validity period
Not valid before
2026-03-27
Not valid after
2026-06-25
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
23:F5:2A:A9:25:97:07:E4:A5:C3:B8:C1:C3:FB:24:64:FB:EC:C0:27:D1:F2:B4:36:AE:18:62:85:A6:A1:87:80
SHA1
28:74:3E:24:01:F6:FD:E0:37:F2:CD:85:05:0F:BF:B3:41:D4:30:BA
X509v3 extensions
subjectKeyIdentifier
  • 34:4F:44:13:BD:68:0B:D0:85:33:22:48:E7:80:2A:90:FB:C8:5D:87
authorityKeyIdentifier
  • keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33
authorityInfoAccess
  • CA Issuers - URI:http://r13.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r13.c.lencr.org/27.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
  • 4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
  • Timestamp : Mar 27 07:56:54.042 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:82:AC:E9:59:28:EE:09:F9:1A:A7:C0:
  • 58:E5:F8:AD:DB:28:C7:9F:07:5C:01:E9:A4:74:A2:08:
  • EE:22:CE:35:7C:02:21:00:AE:32:05:47:43:71:52:2B:
  • E7:D4:67:C7:4A:BB:EF:E4:01:B5:08:D5:C1:1B:BD:BD:
  • 15:A1:B0:15:15:57:F7:64
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 1A:8B:9D:69:4A:57:98:C8:99:A0:CA:88:BD:F4:8F:C0:
  • B4:56:60:CC:C3:60:0D:1F:71:F4:69:FF:C7:D1:AC:A3
  • Timestamp : Mar 27 07:56:54.284 2026 GMT
  • Extensions: 00:00:05:00:58:D9:1C:D9
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:F2:30:41:EB:C6:9C:2B:CA:74:0D:16:
  • 5B:B9:E9:3F:F3:23:14:B6:95:B6:D1:8B:30:E9:FC:18:
  • 8B:8E:7B:22:2F:02:21:00:C1:7F:91:C6:0E:F7:40:40:
  • 72:4E:FD:2D:B8:1D:9C:95:E0:0C:5A:33:77:7B:8B:B3:
  • 16:F6:82:DB:73:B4:A3:4A

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.sslgate.net
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid