SSL check results of nausch.org

NEW You can also bulk check multiple servers.

Discover if the mail servers for nausch.org can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Thu, 06 May 2021 21:12:41 +0000

No connection to the mailservers of nausch.org could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @nausch.org addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.nausch.org
217.92.13.131
Results incomplete
10
supported
mx1.nausch.org
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s
mx1.tachtler.net
88.217.171.167
Results incomplete
20
supported
mx1.tachtler.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
8 s

Outgoing Mails

We have not received any emails from a @nausch.org address so far. Test mail delivery

Certificates

First seen at:

CN=mx1.tachtler.net

Certificate chain
  • mx1.tachtler.net
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption

Subject
Common Name (CN)
  • mx1.tachtler.net
Alternative Names
  • mx1.tachtler.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2021-03-06
Not valid after
2021-06-04
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
0C:B1:C1:60:0B:69:8F:98:BC:B2:29:4F:20:69:AB:92:BA:EB:4D:77:1A:03:0A:53:31:E4:70:67:6E:DE:0A:E5
SHA1
BC:99:3A:0B:06:37:3D:BD:08:94:B5:A4:4C:32:19:18:DB:DE:33:92
X509v3 extensions
subjectKeyIdentifier
  • BC:C0:60:D7:AB:A7:84:44:53:10:BA:4D:03:55:7C:FF:25:C9:D3:D2
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 94:20:BC:1E:8E:D5:8D:6C:88:73:1F:82:8B:22:2C:0D:
  • D1:DA:4D:5E:6C:4F:94:3D:61:DB:4E:2F:58:4D:A2:C2
  • Timestamp : Mar 6 07:26:41.395 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:4C:F0:38:A2:FF:25:20:D5:A6:E2:0F:54:
  • 2B:7C:FE:59:09:77:01:E7:C6:98:1F:AC:F4:91:EE:FC:
  • 9B:F9:11:05:02:21:00:8D:27:60:DC:67:00:A2:04:57:
  • 35:38:4A:B3:FB:7A:EE:5E:9E:10:BD:2B:F5:5F:66:87:
  • 07:B8:70:62:67:EB:41
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
  • 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
  • Timestamp : Mar 6 07:26:41.453 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:76:39:72:90:B0:1C:4B:DD:F8:25:96:07:
  • 69:31:F7:A7:56:AA:EF:E7:21:22:92:16:C3:DD:A6:C1:
  • 7F:3C:22:6C:02:20:5D:84:BF:CC:03:66:26:8B:0C:ED:
  • B8:01:26:47:C8:F8:0E:00:BD:93:CB:5B:BF:1E:04:A4:
  • B2:59:91:47:06:D4
First seen at:

CN=mx1.nausch.org

Certificate chain
Subject
Common Name (CN)
  • mx1.nausch.org
Alternative Names
  • mx1.nausch.org
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • AlphaSSL CA - SHA256 - G2
validity period
Not valid before
2021-02-08
Not valid after
2022-03-12
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Agreement
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
80:82:14:BF:BB:F7:7C:CF:57:DA:41:D5:8A:C2:0C:91:EC:C8:41:CB:FD:5E:F8:56:17:73:24:DF:7D:89:1F:A5
SHA1
8D:98:8D:AB:6D:28:17:CD:FB:51:29:1E:41:DE:FE:C9:53:67:B2:71
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt
  • OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2
certificatePolicies
  • Policy: 1.3.6.1.4.1.4146.1.10.10
  • CPS: https://www.globalsign.com/repository/
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl2.alphassl.com/gs/gsalphasha2g2.crl
authorityKeyIdentifier
  • keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7
subjectKeyIdentifier
  • E0:A9:2F:8C:4B:12:8C:E1:E3:AD:9B:4E:D3:E5:AD:41:5B:B8:86:E4
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
  • BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
  • Timestamp : Feb 8 15:45:51.222 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:BC:51:DA:E7:56:E7:0E:07:12:5A:7B:
  • A7:98:05:12:6F:82:7F:BE:ED:94:5A:BB:B4:80:31:CA:
  • 8B:DB:3B:9B:EB:02:21:00:87:E1:04:99:21:67:0C:0F:
  • 9F:A6:E9:A4:1F:5D:83:84:03:4E:93:B6:AA:00:E0:A6:
  • AF:3E:6F:ED:EF:D1:41:B5
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
  • C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
  • Timestamp : Feb 8 15:45:51.254 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:2E:2E:2A:7A:4E:EE:32:A3:2E:66:86:84:
  • E6:1C:F7:0A:50:8D:71:73:02:CA:22:A1:C9:44:AF:32:
  • B3:FB:03:2D:02:21:00:97:3E:5C:05:9D:EF:D2:AE:3B:
  • 9E:22:84:51:54:CC:D1:C1:E0:5B:32:E4:82:7D:95:E3:
  • 5C:6C:7E:BE:69:9D:42

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.tachtler.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx1.nausch.org
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.mx1.nausch.org
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid