socar.az - TLS / STARTTLS Test

Discover if the mail servers for socar.az can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 15 Apr 2025 12:01:59 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of socar.az can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @socar.az addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mx01.socar.az 31.170.238.153	5	supported	*.socar.az	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2025-04-15 5 s
mx02.socar.az 31.170.238.152	5	supported	*.socar.az	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2025-04-15 5 s

Outgoing Mails

We have not received any emails from a @socar.az address so far. Test mail delivery

Certificates

First seen at: 2025-04-15

CN=*.socar.az,O=SOCAR,L=Baku,C=AZ

Certificate chain

*.socar.az
- 2025-12-29 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Country (C)

Locality (L)

Baku

Organization (O)

SOCAR

Common Name (CN)

*.socar.az

Alternative Names

*.socar.az
socar.az
*.socar.biz
socar.biz

Issuer

Country (C)

Organization (O)

DigiCert Inc

Organizational Unit (OU)

www.digicert.com

Common Name (CN)

GeoTrust TLS RSA CA G1

validity period

Not valid before: 2024-12-13
Not valid after: 2025-12-29

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 82:77:E9:16:B5:0D:AD:66:F8:BD:AE:14:95:A3:F5:98:6E:9E:28:2E:BA:25:11:DD:65:09:26:3C:AD:66:5D:68
SHA1: 43:5A:11:0C:D8:28:51:B7:1D:F0:11:1A:1E:3F:2F:86:00:96:CA:A4

X509v3 extensions

authorityKeyIdentifier

keyid:94:4F:D4:5D:8B:E4:A4:E2:A6:80:FE:FD:D8:F9:00:EF:A3:BE:02:57

subjectKeyIdentifier

C1:0E:30:32:3D:DE:B9:81:A7:3C:14:08:CB:04:F9:8B:99:1C:C9:5E

certificatePolicies

Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS

crlDistributionPoints

Full Name:
URI:http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

authorityInfoAccess

OCSP - URI:http://status.geotrust.com
CA Issuers - URI:http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
Timestamp : Dec 13 05:50:43.867 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:2C:97:A0:0A:24:09:1F:AB:11:7A:B2:49:
DD:C3:C6:F5:54:A2:EF:F0:E7:96:B5:8A:DA:C5:E0:DB:
B4:B5:54:44:02:21:00:BE:08:F9:76:44:44:CC:18:55:
78:42:AA:01:C3:DD:97:5E:D2:6E:B9:A9:2A:D4:46:9B:
CA:CF:BB:E8:CF:56:3B
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : ED:3C:4B:D6:E8:06:C2:A4:A2:00:57:DB:CB:24:E2:38:
01:DF:51:2F:ED:C4:86:C5:70:0F:20:DD:B7:3E:3F:E0
Timestamp : Dec 13 05:50:43.809 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:6D:CF:77:FB:32:F0:28:7C:30:12:68:EE:
67:7B:C2:C9:75:8F:C5:CC:BB:81:55:9C:47:7A:FB:FE:
BA:F1:3F:CD:02:21:00:DC:3F:BB:C6:01:D4:77:56:5A:
D1:04:2D:EA:F6:95:E8:0F:2B:5F:52:C8:E6:A3:8D:0C:
33:06:D6:63:E1:D2:8E
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
Timestamp : Dec 13 05:50:43.828 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:C4:E3:CE:B3:52:AD:78:DB:DA:00:A7:
4B:88:A8:0A:09:DF:A3:CB:6C:32:C5:05:2D:08:C7:16:
BB:54:19:BA:E5:02:21:00:F5:EF:85:83:3B:2A:9C:AC:
11:FC:21:08:02:97:AE:91:6C:CD:45:ED:64:48:F3:E0:
2C:11:28:75:29:B6:96:00

SSL check results of socar.az