SSL-Tools

SSL check results of mx01.rhein.cloud

NEW You can also bulk check multiple servers.

Discover if the mail servers for mx01.rhein.cloud can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 03 Mar 2024 21:03:16 +0000

The mailservers of mx01.rhein.cloud can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mx01.rhein.cloud addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx01.rhein.cloud
37.24.55.142
 -
supported
mail.rhein.cloud
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s

Outgoing Mails

We have not received any emails from a @mx01.rhein.cloud address so far. Test mail delivery

Certificates

First seen at:

CN=mail.rhein.cloud

Certificate chain
  • mail.rhein.cloud
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.rhein.cloud
Alternative Names
  • mail.rhein.cloud
  • mx01.rhein.cloud
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-02-29
Not valid after
2024-05-29
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
AF:80:25:91:44:1E:FE:BA:F2:7D:5F:A8:7B:98:4C:71:C0:6C:C6:87:08:72:47:04:30:29:F4:4A:F8:1D:55:70
SHA1
1C:A7:18:5F:31:2E:7C:53:2C:18:A8:A1:82:5A:43:0F:D7:14:EF:74
X509v3 extensions
subjectKeyIdentifier
  • DC:35:39:B8:C4:C1:FF:07:BF:18:D9:F9:36:E6:4C:B0:05:CC:ED:3B
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Feb 29 10:31:18.778 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:35:9D:03:B5:40:B8:E0:76:8F:EA:8C:50:
  • EA:EF:3E:F7:9A:72:81:48:BD:8C:D3:17:E3:7E:2C:46:
  • 7C:EF:C4:00:02:20:1B:AC:CF:91:55:1F:5A:A8:98:CA:
  • E7:1E:84:32:5C:A6:4B:5D:F1:BC:92:D8:37:57:72:A7:
  • 78:0A:AD:6C:8B:ED
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Feb 29 10:31:18.924 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:FE:1E:08:09:0A:A8:1B:96:36:D0:62:
  • BD:53:B1:A0:7C:5C:AC:4D:3A:25:DC:8E:69:F6:79:C0:
  • 5C:FE:F9:95:0B:02:20:73:98:3D:E7:26:EA:E9:74:9A:
  • 8D:0A:0B:10:BE:B8:EB:34:61:C1:82:8D:F2:51:F0:0B:
  • D8:B9:CB:81:8B:06:EE

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx01.rhein.cloud
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx01.rhein.cloud
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx01.rhein.cloud
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid