SSL-Tools

SSL check results of optimalatwork.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for optimalatwork.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 03 Nov 2024 01:31:09 +0000

We can not guarantee a secure connection to the mailservers of optimalatwork.nl!

Please contact the operator of optimalatwork.nl and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/optimalatwork.nl

Servers

Incoming Mails

These servers are responsible for incoming mails to @optimalatwork.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx5.nso.eu
2a05:d014:576:ca01:2c96:c46d:c055:b91a
Results incomplete
10 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mx5.nso.eu
35.156.145.76
 10
supported
mx5.nso.eu
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mx6.nso.eu
2a05:d014:576:ca02:e365:26c2:f98c:b330
Results incomplete
10 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mx6.nso.eu
52.29.244.74
 10
supported
mx6.nso.eu
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @optimalatwork.nl address so far. Test mail delivery

Certificates

First seen at:

CN=mx5.nso.eu

Certificate chain
  • mx5.nso.eu
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
    • Unknown Authority
      Sectigo RSA Domain Validation Secure Server CA
Subject
Common Name (CN)
  • mx5.nso.eu
Alternative Names
  • mx5.nso.eu
Issuer
Country (C)
  • GB
State (ST)
  • Greater Manchester
Locality (L)
  • Salford
Organization (O)
  • Sectigo Limited
Common Name (CN)
  • Sectigo RSA Domain Validation Secure Server CA
validity period
Not valid before
2024-08-20
Not valid after
2025-07-12
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
EC:D3:D6:8B:BD:FA:22:2E:8F:A3:20:0C:0A:34:46:D4:29:F9:18:E1:CC:E0:98:17:D8:70:73:6C:E2:DE:D1:E9
SHA1
BB:73:DF:67:A0:2B:58:13:CE:75:EB:BD:EE:4B:CF:7F:FD:30:15:88
X509v3 extensions
authorityKeyIdentifier
  • keyid:8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
subjectKeyIdentifier
  • F3:40:56:88:F7:C2:6F:DD:7D:A7:66:30:EF:DD:0D:71:AF:58:1D:BA
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.7
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
  • OCSP - URI:http://ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Aug 20 11:41:05.183 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:7D:08:87:E7:53:B3:DB:5C:E5:2A:33:35:
  • A1:39:B5:39:36:48:71:B0:8E:06:A6:5C:26:2C:8D:52:
  • 12:83:B9:C7:02:20:73:C3:FD:B9:36:04:40:D8:37:74:
  • B9:D1:E5:23:5B:CB:03:41:11:BF:8C:60:CF:52:F6:EF:
  • 62:AE:32:A6:43:50
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Aug 20 11:41:05.102 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:75:48:75:C9:95:FF:89:85:80:FD:0E:FC:
  • 21:29:4E:50:0D:B4:F7:CC:72:18:B1:71:E5:BE:2A:B1:
  • B5:AC:B2:33:02:20:25:D4:D2:E6:99:76:EF:09:03:F7:
  • 64:5D:5D:B9:3A:D6:F1:C7:8C:6F:36:B6:D9:16:63:13:
  • 64:75:C1:9C:EC:18
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : Aug 20 11:41:05.100 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1C:E6:04:CF:7D:4B:EA:6C:63:31:EB:0C:
  • 08:B1:47:9B:C6:BF:C2:DF:4F:E8:D5:EE:E1:44:92:DA:
  • 52:2E:D5:08:02:20:4F:CF:37:EB:2F:A0:89:53:A0:D0:
  • 84:80:68:47:50:FC:91:4D:76:86:14:33:70:9E:05:A0:
  • D9:A3:A4:E6:0E:81
First seen at:

CN=mx6.nso.eu

Certificate chain
  • mx6.nso.eu
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
    • Unknown Authority
      Sectigo RSA Domain Validation Secure Server CA
Subject
Common Name (CN)
  • mx6.nso.eu
Alternative Names
  • mx6.nso.eu
Issuer
Country (C)
  • GB
State (ST)
  • Greater Manchester
Locality (L)
  • Salford
Organization (O)
  • Sectigo Limited
Common Name (CN)
  • Sectigo RSA Domain Validation Secure Server CA
validity period
Not valid before
2024-08-20
Not valid after
2025-07-18
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
A3:2C:F1:A8:01:9F:7B:E5:00:49:6D:E0:05:00:DE:6B:48:D7:97:CA:A7:E5:EF:00:3E:F3:A6:FF:2F:A3:8B:0D
SHA1
6D:28:96:69:B1:9B:A4:2A:01:FC:6B:E7:FB:CB:64:8D:0D:95:E7:E7
X509v3 extensions
authorityKeyIdentifier
  • keyid:8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
subjectKeyIdentifier
  • D8:78:37:C2:32:62:2F:F3:86:F0:4C:59:82:BC:D3:00:8A:73:75:BD
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.7
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
  • OCSP - URI:http://ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Aug 20 11:49:09.979 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:AF:A4:61:2A:F4:0A:30:64:CC:0D:27:
  • F5:8C:7C:C7:42:41:F7:7D:58:CC:5D:D1:64:DC:C2:07:
  • 66:88:3C:FA:4B:02:21:00:DA:5E:50:E0:EE:65:49:E0:
  • CE:D2:BE:E2:8F:37:99:93:3F:91:25:39:09:A3:01:B7:
  • 03:13:81:AB:B2:74:7C:D1
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Aug 20 11:49:09.948 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:19:BD:EB:16:B7:96:40:F6:4E:80:85:C0:
  • D2:47:41:38:4F:DD:94:97:0D:BC:97:0F:28:4B:70:3A:
  • 6F:1F:BE:62:02:21:00:A9:83:12:D6:CB:DE:3F:FD:EF:
  • 1A:CB:62:0F:CD:0F:A2:51:FA:F8:03:9F:E8:F9:1B:6A:
  • DB:5E:84:F2:B0:EE:B3
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : Aug 20 11:49:09.947 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:62:9F:A3:AA:56:B5:2F:61:1F:49:2F:7A:
  • 7A:A5:89:A3:FE:71:FB:B2:CA:D0:E2:F5:7A:18:E1:84:
  • ED:B7:ED:7E:02:21:00:E6:AB:BB:09:13:82:F2:19:73:
  • FF:42:9F:D4:F7:1F:F9:69:BE:72:59:F0:8A:5B:7C:DB:
  • DB:C4:75:9B:26:81:31

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx5.nso.eu
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.mx6.nso.eu
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid