SSL-Tools

SSL check results of stassi.ch

NEW You can also bulk check multiple servers.

Discover if the mail servers for stassi.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 28 Jan 2025 07:28:32 +0000

The mailservers of stassi.ch can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @stassi.ch addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.serv-cloud.com
2a01:4f8:1c1b:8ff7::1
 10
supported
mx1.serv-cloud.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
8 s
mx1.serv-cloud.com
128.140.33.171
 10
supported
mx1.serv-cloud.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
8 s
mx2.serv-cloud.com
2a01:4f9:c011:a59c::1
 10
supported
mx2.serv-cloud.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
8 s
mx2.serv-cloud.com
95.216.170.227
 10
supported
mx2.serv-cloud.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s

Outgoing Mails

We have received emails from these servers with @stassi.ch sender addresses. Test mail delivery

Host TLS Version & Cipher
mx2.serv.site (78.46.240.96)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=mx1.serv-cloud.com

Certificate chain
  • mx1.serv-cloud.com
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mx1.serv-cloud.com
Alternative Names
  • mx1.serv-cloud.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-01-28
Not valid after
2025-04-28
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
6F:3C:3D:2A:5A:B0:1D:FC:09:BC:56:F9:43:74:AB:B7:42:A9:44:F1:75:9F:55:17:FE:A4:B1:26:A0:5B:C9:10
SHA1
F6:7A:65:FD:AA:F2:E1:76:D0:95:21:0C:5F:13:CC:92:AD:88:D0:DC
X509v3 extensions
subjectKeyIdentifier
  • 73:EA:7B:82:C7:4F:A3:93:46:DD:B4:3B:1C:56:CE:74:67:7C:F1:F6
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
  • 87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
  • Timestamp : Jan 28 01:17:44.874 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:5B:FC:05:9A:CB:60:07:3D:4D:6D:5A:EA:
  • 04:AD:AE:61:56:BF:88:28:7B:76:6A:8D:CE:C1:FB:B5:
  • 89:AB:C5:72:02:21:00:E5:D6:82:6D:0C:11:8A:CA:91:
  • 13:E4:E1:34:61:1D:6C:04:DF:24:83:72:2A:29:1C:FA:
  • 72:99:9F:A1:DC:2F:FA
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Jan 28 01:17:44.881 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:B1:CA:BF:96:CA:2F:97:7E:42:E8:E2:
  • 84:DE:11:8A:61:93:E4:9D:D6:2D:30:13:6F:5A:D8:53:
  • 10:2F:E4:7A:8A:02:21:00:84:AF:82:A5:F5:41:8E:14:
  • 6F:4E:39:BF:E9:8A:66:DE:56:C7:03:40:8F:18:9E:65:
  • BD:F3:E1:8B:6E:A4:06:46
First seen at:

CN=mx2.serv-cloud.com

Certificate chain
  • mx2.serv-cloud.com
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mx2.serv-cloud.com
Alternative Names
  • mx2.serv-cloud.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2025-01-27
Not valid after
2025-04-27
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
5F:15:17:6B:DF:4D:96:99:F3:F3:DD:EA:B8:00:F3:BE:FC:78:D5:79:A2:35:F3:8A:58:F4:B9:36:33:24:9C:FE
SHA1
14:65:53:05:1D:21:DD:37:B5:6D:C7:4D:92:9B:DA:4C:8D:C5:E1:DC
X509v3 extensions
subjectKeyIdentifier
  • A6:C0:A3:78:64:29:2C:67:F6:22:9D:67:81:77:55:E2:94:9A:D7:D7
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • OCSP - URI:http://r10.o.lencr.org
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
  • D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
  • Timestamp : Jan 27 03:21:19.239 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:BB:A4:25:89:96:1C:3A:2E:C6:9D:26:
  • 65:60:BF:4E:25:FF:0B:12:4A:EF:C5:1D:DC:45:84:94:
  • C9:35:37:32:1C:02:21:00:A7:3C:03:11:47:C2:0E:E9:
  • 09:C3:71:E3:A3:2C:3D:CA:F1:BF:85:9B:35:98:B6:A9:
  • 14:AA:91:56:0D:15:CA:C0
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Jan 27 03:21:19.250 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:05:66:42:B2:50:D0:1E:07:95:F6:79:8D:
  • 50:E4:AE:A2:F2:03:E5:35:5A:51:D7:AE:D4:04:FB:57:
  • 40:1F:BB:94:02:20:08:FD:57:96:D9:9F:0D:D1:8B:CB:
  • 95:A9:E1:16:83:A0:30:02:7F:9F:A1:94:9F:81:43:A6:
  • B2:2A:2C:8C:E1:5D

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.serv-cloud.com
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx1.serv-cloud.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx2.serv-cloud.com
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx2.serv-cloud.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid