SSL-Tools

SSL check results of mx1-dev.provalue.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for mx1-dev.provalue.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 31 Jul 2020 01:00:45 +0000

The mailservers of mx1-dev.provalue.nl can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mx1-dev.provalue.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1-dev.provalue.nl
212.61.68.89
 -
supported
*.provalue.nl
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
12 s
mx1-dev.provalue.nl
2a02:830:1:2::68:89
Results incomplete
- not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s

Outgoing Mails

We have not received any emails from a @mx1-dev.provalue.nl address so far. Test mail delivery

Certificates

First seen at:

CN=*.provalue.nl

Certificate chain
Subject
Common Name (CN)
  • *.provalue.nl
Alternative Names
  • *.provalue.nl
  • provalue.nl
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • RapidSSL TLS RSA CA G1
validity period
Not valid before
2020-06-18
Not valid after
2021-07-18
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
3D:D3:B9:E2:3B:7D:31:FD:53:34:00:29:E1:33:FF:35:40:68:46:1C:61:F7:62:E8:B0:6F:64:93:B6:82:2E:22
SHA1
36:72:3E:8B:31:E7:96:DE:E0:79:B9:33:41:42:93:4B:73:BC:A6:17
X509v3 extensions
authorityKeyIdentifier
  • keyid:0C:DB:6C:82:49:0F:4A:67:0A:B8:14:EE:7A:C4:48:52:88:EB:56:38
subjectKeyIdentifier
  • 51:EB:EC:15:02:29:93:C8:95:6D:2F:40:1F:E9:D4:84:68:68:BF:79
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.1.2
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • OCSP - URI:http://status.rapidssl.com
  • CA Issuers - URI:http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Jun 18 09:48:59.364 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:51:B7:57:97:FA:E3:7C:52:C3:5D:D1:62:
  • CE:80:B1:F1:28:C2:F9:84:F0:23:94:54:73:1E:D3:FC:
  • 61:00:75:46:02:20:77:45:B9:82:79:7C:A6:DD:B3:54:
  • E8:93:1C:73:0A:16:3E:29:18:46:68:F2:57:88:E4:E4:
  • 35:22:45:A4:6B:89
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
  • 37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
  • Timestamp : Jun 18 09:48:59.408 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:8E:0A:D0:E6:8E:CA:99:F1:0C:C5:18:
  • 3D:0C:F6:A5:F2:F5:A7:C8:C4:05:2D:AC:B1:67:BE:64:
  • D5:18:E4:06:EE:02:21:00:8D:46:6B:96:62:E9:FB:B2:
  • B6:09:90:51:97:44:26:1E:59:D4:B2:51:C3:1D:16:91:
  • 08:30:34:54:4D:66:44:7C

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1-dev.provalue.nl
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid