SSL-Tools

SSL check results of rrb.gov

NEW You can also bulk check multiple servers.

Discover if the mail servers for rrb.gov can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 26 May 2020 22:00:10 +0000

We can not guarantee a secure connection to the mailservers of rrb.gov!

Please contact the operator of rrb.gov and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/rrb.gov

Servers

Incoming Mails

These servers are responsible for incoming mails to @rrb.gov addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
exchange.rrb.gov
65.117.137.25
 10
supported
Exchange.rrb.gov
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
17 s
exchange2.rrb.gov
65.117.137.26
Results incomplete
20
supported
not checked
DANE
missing
PFS
unsupported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @rrb.gov address so far. Test mail delivery

Certificates

First seen at:

CN=Exchange.rrb.gov,O=US Railroad Retirement Board,L=Chicago,ST=Illinois,C=US

Certificate chain
Subject
Country (C)
  • US
State (ST)
  • Illinois
Locality (L)
  • Chicago
Organization (O)
  • US Railroad Retirement Board
Common Name (CN)
  • Exchange.rrb.gov
Alternative Names
  • Exchange.rrb.gov
  • www.Exchange.rrb.gov
Issuer
Country (C)
  • US
Organization (O)
  • Entrust, Inc.
Organizational Unit (OU)
  • See www.entrust.net/legal-terms
  • (c) 2012 Entrust, Inc. - for authorized use only
Common Name (CN)
  • Entrust Certification Authority - L1K
validity period
Not valid before
2020-02-12
Not valid after
2021-03-13
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
A3:78:F4:DB:B0:1D:FE:6A:33:73:D6:C1:93:EC:6A:D4:AE:5D:D4:AD:FC:1F:4C:A9:B3:6D:A0:4F:EC:51:B9:7D
SHA1
88:44:BF:42:E7:E6:33:54:69:DC:A5:6E:D8:E8:F9:42:B0:93:2A:32
X509v3 extensions
crlDistributionPoints
  • Full Name:
  • URI:http://crl.entrust.net/level1k.crl
certificatePolicies
  • Policy: 2.16.840.1.114028.10.1.5
  • CPS: http://www.entrust.net/rpa
  • Policy: 2.23.140.1.2.2
authorityInfoAccess
  • OCSP - URI:http://ocsp.entrust.net
  • CA Issuers - URI:http://aia.entrust.net/l1k-chain256.cer
authorityKeyIdentifier
  • keyid:82:A2:70:74:DD:BC:53:3F:CF:7B:D4:F7:CD:7F:A7:60:C6:0A:4C:BF
subjectKeyIdentifier
  • B5:E0:4C:FC:64:3E:28:4E:58:F8:F5:13:9A:D1:94:BB:E4:56:69:88