SSL-Tools

SSL check results of pohlmann.casa

NEW You can also bulk check multiple servers.

Discover if the mail servers for pohlmann.casa can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 25 Apr 2024 19:15:37 +0000

The mailservers of pohlmann.casa can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @pohlmann.casa addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.pohlmann.pro
65.109.35.151
 10
supported
mail.pohlmann.pro
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
8 s

Outgoing Mails

We have not received any emails from a @pohlmann.casa address so far. Test mail delivery

Certificates

First seen at:

CN=mail.pohlmann.pro

Certificate chain
  • mail.pohlmann.pro
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.pohlmann.pro
Alternative Names
  • mail.pohlmann.pro
  • mta-sts.pohlmann.pro
  • webmail.pohlmann.pro
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-11
Not valid after
2024-06-09
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
1C:3D:70:AA:07:A9:B4:45:E1:BC:8D:20:58:FD:8B:C2:13:C9:FA:58:89:33:EE:AE:B9:06:FF:3D:04:3B:80:61
SHA1
BE:7E:F8:2A:B8:08:5B:CB:C8:4C:56:82:C2:82:7B:7F:71:C6:89:AA
X509v3 extensions
subjectKeyIdentifier
  • 89:04:9B:9C:43:C2:C0:C4:70:E0:A7:98:32:AE:DE:25:4B:2D:FB:09
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Mar 12 00:02:26.906 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:B7:E5:3A:C2:91:7A:BC:C7:4E:54:26:
  • FB:73:39:3C:12:FB:C9:F4:9D:57:5D:10:BB:02:93:D2:
  • 79:DF:9C:1E:AC:02:21:00:F8:24:E6:E4:66:94:B5:77:
  • 4B:2B:45:21:5D:0D:9B:E9:B2:1A:C9:31:2D:EE:B6:63:
  • FD:0F:F6:CA:53:C7:AC:6E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Mar 12 00:02:26.912 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:10:8F:72:DF:D5:04:71:64:F1:3E:4D:1B:
  • F3:BE:39:65:E6:58:B5:57:21:14:2A:80:15:64:04:33:
  • 15:96:AD:20:02:20:2B:B8:2D:0F:FA:7D:24:9E:B1:44:
  • 93:CF:D6:E8:8C:94:3D:14:A5:0A:48:6C:63:AA:F8:69:
  • 77:72:FA:E2:AD:B8

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.pohlmann.pro
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid