SSL-Tools

SSL check results of peperkamp.dev

NEW You can also bulk check multiple servers.

Discover if the mail servers for peperkamp.dev can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 25 Apr 2024 14:24:39 +0000

No connection to the mailservers of peperkamp.dev could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @peperkamp.dev addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.peperkamp.dev
2a01:4f8:1c1b:4891::1
Results incomplete
10
supported
mail.peperkamp.dev
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mail.peperkamp.dev
49.13.197.126
Results incomplete
10
supported
mail.peperkamp.dev
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @peperkamp.dev address so far. Test mail delivery

Certificates

First seen at:

CN=mail.peperkamp.dev

Certificate chain
  • mail.peperkamp.dev
    • remaining
    • 384 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.peperkamp.dev
Alternative Names
  • mail.peperkamp.dev
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-04-25
Not valid after
2024-07-24
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
7F:6B:AE:5D:4A:18:88:57:69:E9:41:82:C5:FE:A5:6C:BF:FF:B6:82:89:A9:73:BD:AE:7A:00:FB:AD:71:C0:00
SHA1
4B:74:40:47:6A:FD:D6:7F:BB:25:EB:98:90:BD:E7:7D:09:4B:F7:24
X509v3 extensions
subjectKeyIdentifier
  • AD:9F:A0:78:4F:AC:62:22:E4:F0:B2:99:71:B6:44:20:23:C4:BF:7E
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Apr 25 12:54:46.160 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:AB:34:BA:87:78:BB:EC:53:2A:44:60:
  • DD:BF:0D:D2:46:DE:E0:5C:BB:AF:31:36:24:C9:1B:5E:
  • AD:A6:60:D7:8B:02:21:00:E2:4A:F9:28:FA:CD:31:60:
  • 4F:65:1F:CB:77:BD:03:84:85:F1:58:F9:6B:EE:C6:AA:
  • B5:7E:A6:30:FC:9F:CC:4E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
  • 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
  • Timestamp : Apr 25 12:54:46.347 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:49:96:3D:27:CA:57:61:35:70:04:9E:6A:
  • 03:55:0C:8A:FF:56:ED:03:9C:0C:79:52:6B:24:55:44:
  • F2:4D:29:EE:02:21:00:A8:E7:C1:90:05:A1:B5:D9:31:
  • 0B:A5:24:8E:D2:2C:C5:08:21:A0:22:6B:19:94:19:A7:
  • 9A:9F:55:4F:9B:CD:B9
tlsfeature
  • status_request

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.peperkamp.dev
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid