SSL-Tools

SSL check results of ncpl.ch

NEW You can also bulk check multiple servers.

Discover if the mail servers for ncpl.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 30 Sep 2024 09:29:46 +0000

No connection to the mailservers of ncpl.ch could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @ncpl.ch addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.ncpl.ch
2a01:4f8:13a:21aa::2
Results incomplete
10
supported
mail.ncpl.ch
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s
mail.ncpl.ch
195.201.203.150
Results incomplete
10
supported
mail.ncpl.ch
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s

Outgoing Mails

We have not received any emails from a @ncpl.ch address so far. Test mail delivery

Certificates

First seen at:

CN=mail.ncpl.ch

Certificate chain
  • mail.ncpl.ch
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.ncpl.ch
Alternative Names
  • autoconfig.alessandromattle.com
  • autoconfig.arthig.ch
  • autoconfig.carbroker.ch
  • autoconfig.deevee.ch
  • autoconfig.deliciously.ch
  • autoconfig.hajfler.ch
  • autoconfig.lemarieconsulting.ch
  • autoconfig.ncpl.ch
  • autoconfig.raumlabor.ch
  • autoconfig.unas-technology.com
  • autoconfig.zanonibucher.ch
  • autodiscover.alessandromattle.com
  • autodiscover.arthig.ch
  • autodiscover.carbroker.ch
  • autodiscover.deevee.ch
  • autodiscover.deliciously.ch
  • autodiscover.hajfler.ch
  • autodiscover.lemarieconsulting.ch
  • autodiscover.ncpl.ch
  • autodiscover.raumlabor.ch
  • autodiscover.unas-technology.com
  • autodiscover.zanonibucher.ch
  • mail.ncpl.ch
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-09-26
Not valid after
2024-12-25
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
E4:AD:16:57:78:DE:48:D5:6A:D7:3D:C2:D3:4A:B4:1D:56:94:02:D6:1E:BD:73:41:3D:E4:74:A7:FD:F3:6D:89
SHA1
73:89:E5:FA:6C:99:BD:20:42:1F:CF:E9:5F:72:A2:29:C6:71:48:C2
X509v3 extensions
subjectKeyIdentifier
  • A7:80:42:01:E6:21:57:6A:DE:62:97:CF:83:0C:08:A1:4E:D1:A1:DC
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Sep 26 12:51:57.297 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:D5:AF:EF:56:0D:A9:20:9C:9C:60:41:
  • BB:20:B4:B6:B0:CB:1B:BE:85:34:3E:84:A3:3E:5B:D8:
  • DB:9F:45:D7:4D:02:20:61:64:54:7C:5E:E0:EE:0D:C0:
  • 28:C0:35:DB:9A:1F:08:68:C5:4A:68:C5:61:6B:79:BA:
  • 1A:E2:F9:E8:7C:FF:9B
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
  • 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
  • Timestamp : Sep 26 12:51:57.485 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:78:0E:17:BB:3A:2B:2D:75:3E:14:0A:E1:
  • AE:66:AA:4F:DD:4B:D2:DF:BC:E2:16:29:01:BE:C4:82:
  • A9:50:E5:9C:02:20:27:BB:69:98:8A:EE:0B:C4:A4:7A:
  • 38:EC:69:7E:2F:A0:CB:0C:CF:2A:01:BD:C0:85:1D:6A:
  • B5:26:68:8A:87:C7

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.ncpl.ch
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid