SSL-Tools

SSL check results of moriz.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for moriz.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 20 Apr 2024 21:44:30 +0000

The mailservers of moriz.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @moriz.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.moriz.net
2a01:4f8:1c0c:6d02::1
 10
supported
mail.moriz.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s
mail.moriz.net
78.47.113.135
 10
supported
mail.moriz.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @moriz.de address so far. Test mail delivery

Certificates

First seen at:

CN=mail.moriz.net

Certificate chain
  • mail.moriz.net
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.moriz.net
Alternative Names
  • mail.moriz.net
  • mail100.ffm.de.moriz.net
  • mail100.nbg.de.moriz.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-04-19
Not valid after
2024-07-18
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
A9:72:32:1E:F3:38:2F:AA:A3:D5:F5:BC:99:C0:1B:74:08:1F:C0:69:68:1F:40:EC:28:D0:90:C4:76:8A:60:8A
SHA1
9C:7E:E7:28:8C:0C:71:C5:C0:BD:26:07:B4:AB:6A:CB:36:16:33:0B
X509v3 extensions
subjectKeyIdentifier
  • B9:14:7E:47:33:A1:09:21:9F:CC:A1:37:74:15:A1:33:23:EF:BC:E9
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
  • 83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
  • Timestamp : Apr 19 22:06:07.663 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:3A:5F:1C:C1:D3:5E:4B:08:EC:98:E6:FC:
  • 6B:C7:F9:BE:38:91:0A:B1:B9:4B:BF:9A:F4:B8:2D:B6:
  • 7A:BC:1D:5A:02:21:00:FE:D4:49:44:35:77:F6:AF:23:
  • 20:AE:3D:C1:CE:AC:A0:1C:A0:80:AF:D2:DA:3B:C6:68:
  • 45:DF:5C:5D:74:50:7B
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Apr 19 22:06:07.705 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:88:CE:41:28:05:A1:2D:B5:C2:D3:48:
  • 97:B9:CE:7C:F3:C6:34:E1:C3:27:94:9E:9C:37:60:06:
  • 4B:04:39:17:4A:02:20:1D:1B:53:2A:96:3B:3B:72:53:
  • AA:09:73:89:79:54:FD:3C:B4:10:32:78:B9:3C:14:7F:
  • 08:81:AB:AC:51:70:6C

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.moriz.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid