SSL-Tools

SSL check results of nnhl.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for nnhl.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 10 May 2025 00:31:38 +0000

The mailservers of nnhl.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @nnhl.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.nnhl.de
2a01:4f8:10a:1ed2::2
 10
supported
mail.nnhl.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
7 s
mail.nnhl.de
88.99.94.147
 10
supported
mail.nnhl.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
7 s

Outgoing Mails

We have not received any emails from a @nnhl.de address so far. Test mail delivery

Certificates

First seen at:

CN=mail.nnhl.de

Certificate chain
  • mail.nnhl.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.nnhl.de
Alternative Names
  • mail.nnhl.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-05-02
Not valid after
2025-07-31
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
2D:D0:42:CC:78:37:2F:22:D6:48:92:3C:E1:E7:B6:5D:80:D2:36:11:91:C5:88:AC:9B:65:77:FA:8A:A7:D0:89
SHA1
58:B7:50:0C:D2:B1:96:3A:AD:0E:46:EC:E0:F8:20:D1:73:13:AA:88
X509v3 extensions
subjectKeyIdentifier
  • 77:A3:93:4E:18:ED:B6:F7:E6:1F:AD:79:89:9B:BF:C7:4A:89:23:11
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r11.c.lencr.org/10.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : May 2 08:55:17.509 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:CE:EC:EE:48:2F:E5:3C:8D:AE:EE:98:
  • 2F:17:F0:F8:03:E2:73:C1:8F:E6:6F:24:62:E4:E4:E8:
  • 2F:3D:12:AB:47:02:21:00:C4:E4:AE:94:63:51:85:60:
  • 06:A7:33:E9:95:60:CF:DC:D8:4B:8E:CE:D2:46:43:D2:
  • 51:48:1A:57:87:C0:54:65
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : May 2 08:55:19.440 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A3:6B:FD:62:32:6A:45:93:10:0E:35:
  • 84:22:AB:B6:FC:26:C0:35:59:70:14:42:1A:CE:43:C4:
  • 84:C9:C6:5E:F0:02:20:61:6B:A6:55:67:59:BA:03:B1:
  • E4:20:81:6E:B9:3F:BE:D5:C1:27:13:7C:F5:86:A9:CF:
  • B7:D6:72:D7:D4:9C:2F