SSL-Tools

SSL check results of rocrou.eu

NEW You can also bulk check multiple servers.

Discover if the mail servers for rocrou.eu can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 12 Apr 2025 21:50:20 +0000

The mailservers of rocrou.eu can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @rocrou.eu addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.mythiccloud.net
2a12:de40:21:8099::
 5
supported
*.mythiccloud.net
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s
mail.mythiccloud.net
88.151.194.140
 5
supported
*.mythiccloud.net
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s

Outgoing Mails

We have not received any emails from a @rocrou.eu address so far. Test mail delivery

Certificates

First seen at:

CN=*.mythiccloud.net

Certificate chain
  • *.mythiccloud.net
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • *.mythiccloud.net
Alternative Names
  • *.mythiccloud.net
  • mythiccloud.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-04-06
Not valid after
2025-07-05
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
6F:E0:38:20:4F:0A:28:31:6F:79:7F:8B:67:2D:46:80:39:66:BE:FA:13:FA:A7:11:3D:B0:30:50:3F:76:DA:B5
SHA1
EE:B8:B3:49:C7:BB:6F:DE:2D:5F:C7:66:8A:F6:B2:AB:93:70:F1:7E
X509v3 extensions
subjectKeyIdentifier
  • B3:D1:F3:B5:6D:4E:A4:FF:22:32:FA:0A:7B:8F:53:D1:8A:E9:C1:16
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r11.c.lencr.org/21.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
  • 87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
  • Timestamp : Apr 6 19:55:06.005 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:53:89:1F:01:68:AC:77:9B:87:87:DD:A7:
  • 1E:7A:01:B7:36:59:3A:BC:B0:D8:86:9C:17:05:75:D6:
  • 28:9C:2C:89:02:21:00:89:41:B8:F1:BA:FA:5F:76:F1:
  • AA:64:0F:C2:50:D0:43:55:B0:B9:00:15:0A:22:FA:46:
  • E2:8B:8E:68:03:B0:D4
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Apr 6 19:55:06.088 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1D:6F:9E:4A:53:E9:C2:F3:A1:F9:6B:67:
  • 64:22:9F:76:31:16:AC:D0:89:90:2F:96:86:4F:83:BF:
  • 6E:FE:20:FA:02:20:5D:91:53:7C:18:25:F9:D4:FC:B2:
  • 30:98:06:CA:D0:FE:D2:08:FB:44:DD:EA:C5:6D:33:B2:
  • 54:ED:06:5E:71:CE

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.mythiccloud.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid