SSL-Tools

SSL check results of pronordia.com

NEW You can also bulk check multiple servers.

Discover if the mail servers for pronordia.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 19 Jun 2020 18:41:06 +0000

The mailservers of pronordia.com can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @pronordia.com addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
gw01.isvgate.com
195.62.77.131
Results incomplete
10
supported
*.isvgate.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
gw02.isvgate.com
195.58.123.140
 20
supported
SonicWALL
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s

Outgoing Mails

We have not received any emails from a @pronordia.com address so far. Test mail delivery

Certificates

First seen at:

CN=SonicWALL,OU=SonicWALL,O=SonicWALL,L=SonicWALL,ST=SonicWALL,C=US

Certificate chain
  • SonicWALL (Certificate is self-signed.)
    • remaining
    • 2048 bit
    • sha1WithRSAEncryption
    • Hostname Mismatch
    • Unknown Authority
Subject
Country (C)
  • US
State (ST)
  • SonicWALL
Locality (L)
  • SonicWALL
Organization (O)
  • SonicWALL
Organizational Unit (OU)
  • SonicWALL
Common Name (CN)
  • SonicWALL
Issuer

Certificate is self-signed.

validity period
Not valid before
2015-11-10
Not valid after
2025-11-10
Fingerprints
SHA256
BD:3F:00:83:F4:1C:71:77:02:DF:0D:C0:6C:70:88:93:67:56:C4:65:D4:F8:0C:58:64:BF:7F:4B:27:CF:DA:61
SHA1
95:92:F3:E4:E0:9C:DE:62:4E:0B:07:44:91:CC:8B:63:30:4F:AF:DA
X509v3 extensions
subjectKeyIdentifier
  • 5D:A1:DE:38:E3:23:E4:3B:F0:46:18:F9:44:7B:EB:01:D3:99:74:5F
authorityKeyIdentifier
  • keyid:5D:A1:DE:38:E3:23:E4:3B:F0:46:18:F9:44:7B:EB:01:D3:99:74:5F
First seen at:

CN=*.isvgate.com,OU=Registry,O=ISV Gate AB,L=Nacka,C=SE

Certificate chain
Subject
Country (C)
  • SE
Locality (L)
  • Nacka
Organization (O)
  • ISV Gate AB
Organizational Unit (OU)
  • Registry
Common Name (CN)
  • *.isvgate.com
Alternative Names
  • *.isvgate.com
  • isvgate.com
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • Thawte RSA CA 2018
validity period
Not valid before
2018-09-24
Not valid after
2020-08-02
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
76:42:65:90:64:F5:9F:3D:8B:62:0B:43:E3:B1:0D:CE:31:11:2B:CA:CF:89:91:25:70:0F:D6:34:04:AC:6A:62
SHA1
A0:E3:6D:C8:46:79:FF:BF:3A:1A:AE:F5:5C:94:01:6C:F5:92:7E:45
X509v3 extensions
authorityKeyIdentifier
  • keyid:A3:C8:5E:65:54:E5:30:78:C1:05:EA:07:0A:6A:59:CC:B9:FE:DE:5A
subjectKeyIdentifier
  • 25:4A:DB:31:98:BD:4A:11:F9:77:C6:DF:0D:62:E4:1E:CF:EF:B7:54
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.thawte.com/ThawteRSACA2018.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.1.1
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.2
authorityInfoAccess
  • OCSP - URI:http://status.thawte.com
  • CA Issuers - URI:http://cacerts.thawte.com/ThawteRSACA2018.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A:
  • 3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10
  • Timestamp : Sep 24 11:30:56.990 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:E1:A4:F3:8A:04:04:70:F5:01:EA:C7:
  • C2:9F:FA:AE:AC:29:12:92:20:A6:6C:32:96:F3:85:66:
  • BF:1C:4D:E0:EF:02:20:60:FB:35:19:E2:17:31:30:12:
  • 4D:BC:6F:BF:5A:33:B6:CC:E4:54:90:80:2E:7B:50:5E:
  • 05:DA:33:85:E6:99:F1
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 87:75:BF:E7:59:7C:F8:8C:43:99:5F:BD:F3:6E:FF:56:
  • 8D:47:56:36:FF:4A:B5:60:C1:B4:EA:FF:5E:A0:83:0F
  • Timestamp : Sep 24 11:30:57.211 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:CB:A1:CF:A2:54:A1:EC:9C:91:A4:71:
  • 6B:28:47:FB:55:AB:93:69:0C:5D:62:79:02:58:1B:15:
  • E7:C2:E9:36:62:02:20:57:77:D1:BA:28:2F:4E:AA:99:
  • AF:7A:91:69:66:12:5E:0B:06:FE:B2:57:DC:DA:85:AA:
  • 0B:D2:AA:70:8F:4D:E0
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
  • 38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
  • Timestamp : Sep 24 11:30:57.000 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:0F:F8:21:29:E2:50:91:51:A8:8C:57:0E:
  • D8:85:68:13:7A:0C:74:1B:9D:54:93:FC:C2:5A:B9:1C:
  • B0:4E:C1:EA:02:20:4F:E0:DA:BE:CD:C4:72:DF:8A:C9:
  • 4D:6F:30:D1:EE:01:7F:1D:FE:93:6D:D0:37:2E:C6:40:
  • 54:BB:4A:85:D4:6A