SSL-Tools

SSL check results of stemai.eu

NEW You can also bulk check multiple servers.

Discover if the mail servers for stemai.eu can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 27 Jan 2025 01:30:25 +0000

The mailservers of stemai.eu can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @stemai.eu addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
srv01.stemai.eu
2a01:4f8:c17:cf23::1
 10
supported
srv01.stemai.eu
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s
srv01.stemai.eu
138.201.185.230
 10
supported
srv01.stemai.eu
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s

Outgoing Mails

We have not received any emails from a @stemai.eu address so far. Test mail delivery

Certificates

First seen at:

CN=srv01.stemai.eu

Certificate chain
  • srv01.stemai.eu
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • srv01.stemai.eu
Alternative Names
  • srv01.stemai.eu
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2025-01-19
Not valid after
2025-04-19
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
66:42:E1:FF:D9:A9:4F:4B:12:94:A3:C5:B4:B1:B1:49:07:E3:E7:41:BB:89:42:AD:7B:82:7A:4A:06:13:DF:A8
SHA1
6F:FD:2F:01:DA:33:14:CA:BB:AF:F3:3F:7F:72:B7:B2:8F:B0:AC:A2
X509v3 extensions
subjectKeyIdentifier
  • 01:B4:A5:8B:79:23:BD:F7:D2:D1:63:AA:A3:F9:8D:DF:FE:5B:28:61
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • OCSP - URI:http://r10.o.lencr.org
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
  • 0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
  • Timestamp : Jan 19 02:04:46.914 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:76:8A:ED:E7:4B:C0:2E:0E:4E:C1:A4:89:
  • 9E:CD:A8:4B:89:6A:C8:8D:93:EE:9D:56:4A:D2:9F:2D:
  • 3F:D4:CB:78:02:20:57:C5:B4:5D:6B:F9:C8:64:4D:5D:
  • C4:E7:E7:67:7D:80:5F:81:22:4A:D9:BD:24:6E:53:56:
  • DD:55:4A:C8:07:C6
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
  • D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
  • Timestamp : Jan 19 02:04:46.938 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B6:9D:4B:04:3C:3C:92:50:B9:37:F9:
  • DC:A2:29:E4:C6:5E:DF:4D:AE:FF:84:6C:92:EF:C4:83:
  • DD:CF:EF:F6:08:02:20:47:48:5C:DC:67:95:24:10:E1:
  • 3F:AD:3F:ED:37:6B:CF:9A:8E:8D:71:95:B0:20:B9:3E:
  • 9D:22:BC:CE:4E:F8:2A

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.srv01.stemai.eu
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid