SSL check results of mooij-gedaan.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for mooij-gedaan.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sun, 19 Jul 2026 00:31:37 +0000

The mailservers of mooij-gedaan.nl can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mooij-gedaan.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
h17.mijn.host
2a03:5180:7:2:28b:5c9:2702:1
10
supported
h17.mijn.host
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
h17.mijn.host
5.254.117.208
10
supported
h17.mijn.host
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @mooij-gedaan.nl address so far. Test mail delivery

Certificates

First seen at:

CN=h17.mijn.host

Certificate chain
  • h17.mijn.host
    • remaining
    • 256 bit
    • ecdsa-with-SHA384

      • YE1
        • remaining
        • 384 bit
        • ecdsa-with-SHA384

          • Root YE
            • remaining
            • 384 bit
            • ecdsa-with-SHA384

              • ISRG Root X2 (Certificate is self-signed.)
                • remaining
                • 384 bit
                • ecdsa-with-SHA384

Subject
Common Name (CN)
  • h17.mijn.host
Alternative Names
  • h17.mijn.host
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • YE1
validity period
Not valid before
2026-05-28
Not valid after
2026-08-26
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
Fingerprints
SHA256
38:8E:D5:87:1E:D1:F5:14:CD:2D:AB:8B:30:4C:3B:DC:C8:28:6A:6A:F3:1D:7C:03:77:17:7C:D4:DB:B0:76:3A
SHA1
55:2E:2D:70:20:A2:E4:F8:3D:4C:F6:3D:D6:BF:50:DE:49:24:8B:16
X509v3 extensions
subjectKeyIdentifier
  • 29:51:F1:89:03:54:23:79:7B:83:F4:E0:2C:25:63:08:57:EE:FD:35
authorityKeyIdentifier
  • keyid:BB:20:CA:47:0B:FE:D7:E5:9C:F9:8F:09:2A:A3:8C:37:45:B1:BC:D8
authorityInfoAccess
  • CA Issuers - URI:http://ye1.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://ye1.c.lencr.org/40.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : D7:6D:7D:10:D1:A7:F5:77:C2:C7:E9:5F:D7:00:BF:F9:
  • 82:C9:33:5A:65:E1:D0:B3:01:73:17:C0:C8:C5:69:77
  • Timestamp : May 28 20:11:31.804 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:F9:C9:E7:34:E0:EC:2B:B9:69:4C:AF:
  • 00:BF:88:39:57:EF:FB:65:22:52:CC:29:3F:44:2E:89:
  • 82:8F:64:42:CA:02:21:00:A5:57:9F:90:9C:1B:39:6B:
  • 7A:7F:72:C5:9A:D7:B1:B3:42:EB:06:45:1F:D0:50:2D:
  • 25:33:AD:D4:EC:D2:C9:E6
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:AF:86:3D:3B:3E:E5:9F:A5:77:DE:A8:24:5D:36:B0:
  • D9:ED:22:A2:23:F4:61:77:41:22:94:52:EE:95:50:5F
  • Timestamp : May 28 20:11:31.930 2026 GMT
  • Extensions: 00:00:05:00:07:EB:E3:AC
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:F7:42:64:20:75:37:9E:2C:9A:8A:73:
  • E4:F9:01:1C:E0:77:BB:3A:9A:9F:EF:9E:81:CE:0A:F6:
  • 48:6A:92:FB:68:02:21:00:F6:B2:D8:48:F8:8E:B0:6F:
  • 49:71:84:C3:F7:E7:09:16:29:27:AA:E9:DF:D4:76:D3:
  • A8:F9:13:24:03:7C:C2:05

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.h17.mijn.host
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid