SSL-Tools

SSL check results of nerux.org

NEW You can also bulk check multiple servers.

Discover if the mail servers for nerux.org can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 25 Oct 2020 01:04:03 +0000

We can not guarantee a secure connection to the mailservers of nerux.org!

Please contact the operator of nerux.org and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/nerux.org

Servers

Incoming Mails

These servers are responsible for incoming mails to @nerux.org addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.nerux.org
2001:41d0:2:1a3f::2:3
Results incomplete
10 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
4 s
mail.nerux.org
94.23.25.63
 10
supported
*.nerux.org
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
trafalgar.nerux.org
2001:470:1f13:7e2::4:2
Results incomplete
20 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
trafalgar.nerux.org
83.153.86.247
Results incomplete
20
supported
mail.nerux.org
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @nerux.org address so far. Test mail delivery

Certificates

First seen at:

CN=mail.nerux.org

Certificate chain
  • mail.nerux.org
    • remaining
    • 4096 bit
    • sha512WithRSAEncryption
    • Hostname Mismatch
      • CA Cert Signing Authority (Certificate is self-signed.)
        • remaining
        • 4096 bit
        • md5WithRSAEncryption
        • Unknown Authority
Subject
Common Name (CN)
  • mail.nerux.org
Alternative Names
  • mail.nerux.org
  • othername:<unsupported>
Issuer
Organization (O)
  • Root CA
Organizational Unit (OU)
  • http://www.cacert.org
Common Name (CN)
  • CA Cert Signing Authority
Email
  • support@cacert.org
validity period
Not valid before
2019-07-09
Not valid after
2021-07-08
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • Key Agreement
  • TLS Web Client Authentication
  • TLS Web Server Authentication
  • Netscape Server Gated Crypto
  • Microsoft Server Gated Crypto
Fingerprints
SHA256
AF:6A:6A:EF:6B:02:F9:E9:7A:DE:18:12:15:1B:F2:5F:91:33:B0:A7:24:58:32:6E:B8:F7:5C:3B:1A:ED:E9:6B
SHA1
9C:16:E0:E6:8C:2B:FE:1C:93:02:1C:9D:D3:2D:67:77:55:5B:5B:D4
X509v3 extensions
authorityInfoAccess
  • OCSP - URI:http://ocsp.cacert.org/
crlDistributionPoints
  • Full Name:
  • URI:http://crl.cacert.org/revoke.crl
First seen at:

CN=*.nerux.org

Certificate chain
Subject
Common Name (CN)
  • *.nerux.org
Alternative Names
  • *.nerux.org
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2020-10-23
Not valid after
2021-01-21
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
65:A2:79:3A:EA:55:2A:55:BD:79:65:D9:15:1E:C3:22:60:FE:DD:B8:02:3B:31:16:0E:67:C3:FB:49:9F:C3:97
SHA1
B5:95:4F:2E:41:52:93:ED:FE:35:2F:69:C6:7B:E4:EF:0B:BB:AA:7C
X509v3 extensions
subjectKeyIdentifier
  • 57:4E:79:C5:4F:D7:81:16:23:E7:67:CB:DC:95:5C:D4:6C:0A:2E:13
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 94:20:BC:1E:8E:D5:8D:6C:88:73:1F:82:8B:22:2C:0D:
  • D1:DA:4D:5E:6C:4F:94:3D:61:DB:4E:2F:58:4D:A2:C2
  • Timestamp : Oct 23 16:22:28.621 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:33:D0:3B:01:39:B9:75:83:CB:4A:0F:E0:
  • 0E:76:E9:F6:79:E9:6D:68:A9:40:4F:D7:32:A0:AF:F7:
  • 76:5A:5B:89:02:20:5A:07:B1:9C:9C:89:7B:FB:52:81:
  • 4E:7C:B9:CE:59:EC:68:57:C7:78:6C:D0:84:D1:A8:76:
  • EF:2E:62:85:3F:5A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Oct 23 16:22:28.576 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:C6:CC:7D:85:1D:0B:8E:B1:41:9B:FB:
  • 8C:8B:28:B3:58:72:3D:C7:E7:FD:8A:85:BB:3E:AD:A4:
  • 55:98:36:45:9B:02:20:09:D2:F0:96:CA:FE:BF:C5:6A:
  • E0:04:2A:D9:A3:B4:CD:68:17:6E:2B:4B:94:85:5D:99:
  • 11:0B:96:77:EA:4A:B4