SSL-Tools

SSL check results of obereder.org

NEW You can also bulk check multiple servers.

Discover if the mail servers for obereder.org can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 09 Sep 2025 19:44:35 +0000

The mailservers of obereder.org can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @obereder.org addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.obereder.org
213.255.218.107
 10
supported
mail.obereder.org
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @obereder.org address so far. Test mail delivery

Certificates

First seen at:

CN=mail.obereder.org

Certificate chain
  • mail.obereder.org
    • remaining
    • 384 bit
    • ecdsa-with-SHA384
      • E8
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.obereder.org
Alternative Names
  • mail.obereder.org
  • mx.obereder.org
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E8
validity period
Not valid before
2025-09-09
Not valid after
2025-12-08
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
C2:CE:A4:83:B3:77:56:25:8F:68:3D:99:05:59:8C:E9:DD:2E:34:0D:30:ED:91:65:A2:40:45:12:CB:A1:7D:D1
SHA1
06:E0:71:11:4C:06:4E:B9:25:8C:AC:60:DF:B2:33:55:0A:8B:EB:DF
X509v3 extensions
subjectKeyIdentifier
  • 74:C3:1F:5E:80:62:38:BB:80:20:7B:34:7F:20:10:DF:FE:80:22:C4
authorityKeyIdentifier
  • keyid:8F:0D:13:A2:F6:2E:7E:D1:50:6C:33:18:38:5D:59:8E:23:72:91:CA
authorityInfoAccess
  • CA Issuers - URI:http://e8.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://e8.c.lencr.org/44.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
  • 26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
  • Timestamp : Sep 9 16:07:26.777 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1E:C7:09:F6:EB:66:BF:BF:3B:CF:39:34:
  • 64:7E:2E:E7:6A:B1:65:4F:E4:80:0E:15:42:6A:0F:61:
  • 70:A3:FC:BC:02:20:58:8D:0E:66:C8:B4:5D:3C:A1:96:
  • 23:A9:EB:93:AB:25:30:A9:24:EE:14:3E:D7:C4:89:A4:
  • 97:02:2D:4F:19:A9
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Sep 9 16:07:26.820 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:7B:F6:29:8E:1D:CC:81:8A:06:15:E0:B4:
  • 0C:B1:29:74:B2:0F:22:3B:6C:FD:61:0B:DE:DC:C2:92:
  • B5:36:77:24:02:20:59:4F:CC:A5:99:5A:17:45:4B:C4:
  • A5:EB:EF:7D:25:8C:EC:DE:BB:D4:A0:E1:74:86:71:D8:
  • 79:01:D7:9C:25:6F

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.obereder.org
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid