SSL-Tools

SSL check results of mattei.cz

NEW You can also bulk check multiple servers.

Discover if the mail servers for mattei.cz can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 22 Jun 2022 18:33:18 +0000

We can not guarantee a secure connection to the mailservers of mattei.cz!

Please contact the operator of mattei.cz and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/mattei.cz

Servers

Incoming Mails

These servers are responsible for incoming mails to @mattei.cz addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.mattei.cz
176.74.145.134
Results incomplete
0
supported
not checked
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
ns1.bfp.cz
2a01:28:ca:65::1
 100
supported
ns1.bfp.cz
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
ns1.bfp.cz
88.86.101.41
 100
supported
ns1.bfp.cz
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @mattei.cz address so far. Test mail delivery

Certificates

First seen at:

emailAddress=nic-person@bfp.cz,CN=ns1.bfp.cz,C=CZ

Certificate chain
Subject
Country (C)
  • CZ
Common Name (CN)
  • ns1.bfp.cz
Email
  • nic-person@bfp.cz
Alternative Names
  • ns1.bfp.cz
  • bfp.cz
Issuer
Country (C)
  • IL
Organization (O)
  • StartCom Ltd.
Organizational Unit (OU)
  • Secure Digital Certificate Signing
Common Name (CN)
  • StartCom Class 1 Primary Intermediate Server CA
validity period
Not valid before
2014-03-26
Not valid after
2015-03-27
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • Key Agreement
  • TLS Web Server Authentication
Fingerprints
SHA256
28:17:45:03:53:13:2C:F9:3E:D4:36:73:75:B4:76:11:8F:95:0E:20:45:7C:51:22:AF:98:01:40:14:DC:AD:CF
SHA1
2A:1C:9A:08:DE:BE:A2:FE:BB:48:52:8B:B1:37:88:8E:A3:1F:2C:74
X509v3 extensions
subjectKeyIdentifier
  • EC:37:59:6C:4D:EB:BF:34:53:12:0A:2C:00:DE:85:18:40:0D:AE:AB
authorityKeyIdentifier
  • keyid:EB:42:34:D0:98:B0:AB:9F:F4:1B:6B:08:F7:CC:64:2E:EF:0E:2C:45
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.23223.1.2.3
  • CPS: http://www.startssl.com/policy.pdf
  • User Notice:
  • Organization: StartCom Certification Authority
  • Number: 1
  • Explicit Text: This certificate was issued according to the Class 1 Validation requirements of the StartCom CA policy, reliance only for the intended purpose in compliance of the relying party obligations.
crlDistributionPoints
  • Full Name:
  • URI:http://crl.startssl.com/crt1-crl.crl
authorityInfoAccess
  • OCSP - URI:http://ocsp.startssl.com/sub/class1/server/ca
  • CA Issuers - URI:http://aia.startssl.com/certs/sub.class1.server.ca.crt
issuerAltName
  • URI:http://www.startssl.com/