SSL-Tools

SSL check results of prosoz.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for prosoz.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 08 Apr 2026 08:37:18 +0000

The mailservers of prosoz.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @prosoz.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.herten.de
85.119.208.22
Results incomplete
10 not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mx2.herten.de
85.119.208.20
 10
supported
*.herten.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @prosoz.de address so far. Test mail delivery

Certificates

First seen at:

CN=*.herten.de,O=Hertener Stadtwerke GmbH,L=Herten,ST=Nordrhein-Westfalen,C=DE

Certificate chain
Subject
Country (C)
  • DE
State (ST)
  • Nordrhein-Westfalen
Locality (L)
  • Herten
Organization (O)
  • Hertener Stadtwerke GmbH
Common Name (CN)
  • *.herten.de
Alternative Names
  • *.herten.de
  • herten.de
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • GeoTrust TLS RSA CA G1
validity period
Not valid before
2025-06-12
Not valid after
2026-06-11
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
1F:E5:CC:85:A5:FF:A0:B5:23:F3:4A:68:DE:11:88:2C:6A:7A:33:88:28:07:C8:F7:4C:00:B4:EE:C1:35:98:EF
SHA1
C7:17:5D:C6:F1:40:8F:9A:D7:DF:A7:A0:F6:E2:35:EB:F7:A2:D8:4F
X509v3 extensions
authorityKeyIdentifier
  • keyid:94:4F:D4:5D:8B:E4:A4:E2:A6:80:FE:FD:D8:F9:00:EF:A3:BE:02:57
subjectKeyIdentifier
  • C3:67:4A:87:70:CB:C0:33:C4:83:3B:0B:17:1E:28:AD:2A:10:58:2A
certificatePolicies
  • Policy: 2.23.140.1.2.2
  • CPS: http://www.digicert.com/CPS
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
authorityInfoAccess
  • OCSP - URI:http://status.geotrust.com
  • CA Issuers - URI:http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
  • DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
  • Timestamp : Jun 12 12:37:09.118 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:2F:72:BE:87:9D:3C:FA:CE:A2:EB:90:5C:
  • 1E:53:3C:66:8C:1B:FF:D5:D4:F1:FE:45:E1:9A:00:69:
  • 33:BB:06:3B:02:20:56:5A:8F:D9:8B:8B:B2:41:96:02:
  • 68:34:BD:D0:FC:89:6D:36:B7:27:6E:4F:E3:8E:78:00:
  • 62:9B:21:A9:D1:EA
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
  • 4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
  • Timestamp : Jun 12 12:37:09.042 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:2C:7A:D8:91:61:3F:FC:21:95:63:DD:AE:
  • 1D:A4:C3:C4:CB:24:1C:02:6D:47:D0:6F:FF:28:97:05:
  • 1E:3B:18:63:02:20:52:EA:22:31:54:4A:3C:8F:88:EB:
  • 06:8B:5F:14:24:66:67:80:C2:98:8E:B4:0F:48:6E:CF:
  • 76:30:EC:65:56:4A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 49:9C:9B:69:DE:1D:7C:EC:FC:36:DE:CD:87:64:A6:B8:
  • 5B:AF:0A:87:80:19:D1:55:52:FB:E9:EB:29:DD:F8:C3
  • Timestamp : Jun 12 12:37:09.061 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:07:1E:04:78:F5:B3:DA:65:F3:D2:BD:86:
  • 6E:CC:3A:A6:D6:AC:C6:2D:DC:5A:93:3B:A7:B8:28:30:
  • 72:5B:77:D5:02:21:00:B0:6B:56:08:B1:40:0C:C4:E0:
  • 6F:03:6B:C5:9C:03:9B:B8:57:6D:C4:DB:FA:10:88:6C:
  • 20:37:71:64:C4:1A:46

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.herten.de
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.mx2.herten.de
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid