rehkitzrettung.ch - TLS / STARTTLS Test

Discover if the mail servers for rehkitzrettung.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 24 Mar 2023 14:04:00 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of rehkitzrettung.ch can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @rehkitzrettung.ch addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
s067.cyon.net 2a01:ab20:0:4::76	0	supported	*.cyon.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-03-24 2 s
s067.cyon.net 149.126.4.76	0	supported	*.cyon.net	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2023-03-24 1 s

Outgoing Mails

We have not received any emails from a @rehkitzrettung.ch address so far. Test mail delivery

Certificates

First seen at: 2023-03-24

CN=*.cyon.net

Certificate chain

*.cyon.net
- 2023-10-17 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

*.cyon.net

Alternative Names

*.cyon.net
cyon.net

Issuer

Country (C)

Organization (O)

GlobalSign nv-sa

Common Name (CN)

AlphaSSL CA - SHA256 - G2

validity period

Not valid before: 2022-09-15
Not valid after: 2023-10-17

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 7E:99:0A:E4:02:72:21:8E:9B:DB:DE:8B:60:C1:03:A1:0F:AC:C0:F1:AE:59:3A:12:A9:B5:13:6E:36:B2:B5:B1
SHA1: 57:99:9E:21:E2:56:74:BB:EB:E1:22:D2:6C:1D:11:BD:6B:3A:B5:22

X509v3 extensions

authorityInfoAccess

CA Issuers - URI:http://secure.globalsign.com/cacert/gsalphasha2g2r1.crt
OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2

certificatePolicies

Policy: 1.3.6.1.4.1.4146.1.10.10
CPS: https://www.globalsign.com/repository/
Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://crl.globalsign.com/gs/gsalphasha2g2.crl

authorityKeyIdentifier

keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7

subjectKeyIdentifier

F0:B5:FA:40:3E:99:82:8D:81:77:92:A4:3F:6A:D5:02:35:B9:97:A3

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
Timestamp : Sep 15 05:37:21.329 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:F7:27:5D:05:D3:C0:BD:EF:64:3E:EC:
BD:38:0F:03:99:02:90:FD:97:01:62:F7:0D:9A:98:51:
E4:DA:4F:08:F0:02:21:00:B8:5C:AB:FD:BF:55:FD:84:
55:6D:22:7A:31:BE:64:B4:86:0C:52:2A:5E:FA:10:09:
4C:45:AF:8E:9E:13:6D:94
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
Timestamp : Sep 15 05:37:21.365 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:E2:0D:6B:E2:A7:94:4C:8F:33:CB:94:
82:8B:D6:34:FE:2C:12:30:E3:7E:C1:9A:4E:1B:CF:F5:
46:67:4C:DF:61:02:21:00:C7:D5:A7:FC:23:B0:CD:43:
D0:0F:65:D6:DE:66:A1:A0:02:8D:DC:FF:1F:4E:21:16:
62:45:2A:4C:67:0D:A9:93
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
Timestamp : Sep 15 05:37:21.398 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:11:5E:3C:FF:1C:B3:8A:0A:05:AF:21:7B:
67:CA:E1:7C:D6:CE:AF:F4:46:D6:2F:CE:1E:05:56:8F:
FD:50:3E:C6:02:20:3A:8D:50:8D:84:24:1C:0C:71:C5:
AB:F1:02:9E:EB:44:5B:79:0B:88:77:FB:6A:47:0C:59:
6C:44:8D:90:DD:5D

SSL check results of rehkitzrettung.ch