SSL-Tools

SSL check results of ratec.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for ratec.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 16 Aug 2022 11:52:07 +0000

We can not guarantee a secure connection to the mailservers of ratec.de!

Please contact the operator of ratec.de and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/ratec.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @ratec.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail2.ratec.de
62.55.136.233
 10
supported
Mail01
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mail.ud10.udmedia.de
2a05:d580:0:1337::32
Results incomplete
20
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mail.ud10.udmedia.de
194.117.254.50
Results incomplete
20
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @ratec.de address so far. Test mail delivery

Certificates

First seen at:

CN=Mail01

Certificate chain
  • Mail01 (Certificate is self-signed.)
    • remaining
    • 2048 bit
    • sha1WithRSAEncryption
    • Hostname Mismatch
    • Unknown Authority
Subject
Common Name (CN)
  • Mail01
Alternative Names
  • Mail01
  • Mail01.internal.ratec.de
Issuer

Certificate is self-signed.

validity period
Not valid before
2021-06-01
Not valid after
2026-06-01
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
08:B7:C8:7C:8D:09:B8:9C:0E:73:CB:C6:52:27:0F:91:FC:2F:F7:07:10:0D:6E:E4:45:92:CF:C1:A4:8A:57:29
SHA1
BB:65:9F:48:88:27:6C:59:7B:71:67:06:23:D5:6B:A3:CB:B4:6E:3E

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.ud10.udmedia.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mail.ud10.udmedia.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid