SSL-Tools

SSL check results of steckervps.benstecker.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for steckervps.benstecker.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 14 Mar 2025 01:34:03 +0000

We can not guarantee a secure connection to the mailservers of steckervps.benstecker.nl!

Please contact the operator of steckervps.benstecker.nl and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/steckervps.benstecker.nl

Servers

Incoming Mails

These servers are responsible for incoming mails to @steckervps.benstecker.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.benstecker.nl
2a01:7c8:bb09:8c:5054:ff:fe01:23da
 10
supported
steckervps.benstecker.nl
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mail.benstecker.nl
85.10.132.47
 10
supported
steckervps.benstecker.nl
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
relay.transip.nl
2a01:7c8:7c8::12
Results incomplete
20
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
relay.transip.nl
2a01:7c8:7c8::29
Results incomplete
20
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
relay.transip.nl
149.210.149.12
Results incomplete
20
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
relay.transip.nl
149.210.149.29
Results incomplete
20
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @steckervps.benstecker.nl address so far. Test mail delivery

Certificates

First seen at:

CN=steckervps.benstecker.nl

Certificate chain
  • steckervps.benstecker.nl
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
    • Hostname Mismatch
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • steckervps.benstecker.nl
Alternative Names
  • steckervps.benstecker.nl
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2025-02-05
Not valid after
2025-05-06
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
96:28:47:C8:26:04:9A:77:2B:99:2D:F1:EE:90:53:EF:B0:C7:8D:2C:B6:35:B7:F7:09:13:19:E2:CD:5B:CE:54
SHA1
54:CF:B8:7C:32:54:A7:CA:5D:36:EE:C9:27:E9:38:F1:32:93:51:11
X509v3 extensions
subjectKeyIdentifier
  • 21:15:2D:5C:27:DB:F4:84:D7:3A:CC:30:AD:77:94:20:C2:7F:39:A5
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • OCSP - URI:http://r10.o.lencr.org
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
  • 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
  • Timestamp : Feb 5 20:11:22.644 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:BD:D0:CB:F2:94:39:35:5A:80:3B:C0:
  • C4:A2:CF:4B:65:B0:A5:88:58:D7:26:ED:FD:A4:50:4F:
  • 1C:21:58:AA:3E:02:21:00:D4:26:97:76:46:AB:A8:E6:
  • C3:71:4D:63:F0:A3:1D:C4:F1:7E:81:47:10:1D:C4:A8:
  • 59:51:DB:8F:F0:41:91:F7
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
  • 16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
  • Timestamp : Feb 5 20:11:22.966 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:2A:F7:56:86:13:F0:F6:FD:C5:73:08:AB:
  • 3A:BF:14:7F:83:C8:56:DF:38:FD:52:8C:1F:74:A2:46:
  • C2:B7:88:E9:02:20:36:DA:93:70:02:6D:88:3A:3A:BA:
  • 7E:E7:D0:88:73:C3:88:EB:BF:5E:5C:8E:DB:28:91:20:
  • 30:BC:78:82:E6:42

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.relay.transip.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid