SSL-Tools

SSL check results of sjolseth.casa

NEW You can also bulk check multiple servers.

Discover if the mail servers for sjolseth.casa can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 11 Dec 2024 01:32:16 +0000

The mailservers of sjolseth.casa can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @sjolseth.casa addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
smtp.sjolseth.casa
2604:d700:4107:a00::1
 10
supported
smtp.sjolseth.casa
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
9 s
smtp.sjolseth.casa
50.28.103.71
 10
supported
smtp.sjolseth.casa
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
9 s

Outgoing Mails

We have not received any emails from a @sjolseth.casa address so far. Test mail delivery

Certificates

First seen at:

CN=smtp.sjolseth.casa

Certificate chain
  • smtp.sjolseth.casa
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • smtp.sjolseth.casa
Alternative Names
  • smtp.sjolseth.casa
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-12-05
Not valid after
2025-03-05
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
91:74:F2:39:5E:C8:D3:0D:AF:70:29:B5:ED:42:45:6B:A2:AD:51:E7:F0:2F:57:E6:57:61:28:B2:E0:27:2B:49
SHA1
5F:8C:D5:FB:82:4D:86:A5:08:0E:2F:5D:33:70:AD:DB:FE:E9:E8:47
X509v3 extensions
subjectKeyIdentifier
  • F5:E5:CC:AB:67:7B:4A:E8:A1:8B:8F:74:18:93:43:91:64:81:CE:D1
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
  • 1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
  • Timestamp : Dec 5 21:38:06.063 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:8C:A7:08:5B:3F:B9:75:BA:A7:87:60:
  • 4F:2B:E2:80:E0:6A:FA:52:46:2B:E8:55:C4:92:E2:26:
  • 22:A8:90:BB:DF:02:20:39:09:FA:06:DB:75:B8:BA:FF:
  • AB:36:10:84:CB:50:18:0A:2F:1E:9D:37:8A:B2:13:ED:
  • 77:AC:F2:62:25:2F:3B
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
  • 16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
  • Timestamp : Dec 5 21:38:06.219 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:84:17:E3:0B:64:6B:3B:80:EA:8F:F0:
  • C7:B2:01:E1:83:BB:C5:72:C6:71:99:E3:2E:6D:83:B0:
  • A8:38:C6:2D:52:02:20:4C:0B:AE:81:61:3A:72:35:D4:
  • 32:87:77:B9:C7:77:91:5E:C4:BE:A0:7D:71:D1:97:10:
  • 88:1A:8A:6A:2B:BC:67

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.smtp.sjolseth.casa
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid