SSL check results of student.kit.edu

NEW You can also bulk check multiple servers.

Discover if the mail servers for student.kit.edu can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Tue, 13 Aug 2019 11:07:01 +0000

We can not guarantee a secure connection to the mailservers of student.kit.edu!

Please contact the operator of student.kit.edu and ask him or her to solve this problem. This result stays accessible under the following address:

https://ssl-tools.net/mailservers/student.kit.edu

Servers

Incoming Mails

These servers are responsible for incoming mails to @student.kit.edu addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
scc-spamtrap-no-smtp-here.scc.kit.edu
129.13.174.160
Results incomplete
5 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
scc-mailin-cn-01.scc.kit.edu
2a00:1398:9:f711::8d34:d7d2
10
supported
scc-mailin-cn-01.scc.kit.edu
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
scc-mailin-cn-01.scc.kit.edu
141.52.226.150
10
supported
scc-mailin-cn-01.scc.kit.edu
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
scc-mailin-cs-01.scc.kit.edu
2a00:1398:9:f710::810d:ae8c
10
supported
scc-mailin-cs-01.scc.kit.edu
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
scc-mailin-cs-01.scc.kit.edu
129.13.174.140
10
supported
scc-mailin-cs-01.scc.kit.edu
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
scc-spamtrap-always-defer.scc.kit.edu
129.13.174.161
100
supported
scc-spamtrap-always-defer.scc.kit.edu
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @student.kit.edu address so far. Test mail delivery

Certificates

First seen at:

CN=scc-mailin-cn-01.scc.kit.edu,O=Karlsruhe Institute of Technology,L=Karlsruhe,ST=Baden-Wuerttemberg,C=DE

Certificate chain
Subject
Country (C)
  • DE
State (ST)
  • Baden-Wuerttemberg
Locality (L)
  • Karlsruhe
Organization (O)
  • Karlsruhe Institute of Technology
Common Name (CN)
  • scc-mailin-cn-01.scc.kit.edu
Alternative Names
  • scc-mailin-cn-01.scc.kit.edu
Issuer
Country (C)
  • DE
State (ST)
  • Baden-Wuerttemberg
Locality (L)
  • Karlsruhe
Organization (O)
  • Karlsruhe Institute of Technology
Common Name (CN)
  • KIT-CA
validity period
Not valid before
2017-07-12
Not valid after
2020-10-08
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Client Authentication
  • TLS Web Server Authentication
Fingerprints
SHA256
B0:82:80:F9:B4:B5:5A:F9:B9:5E:A5:16:20:1E:48:0B:DF:05:9B:6C:71:06:DC:5D:A2:37:F4:13:EC:A1:87:B0
SHA1
37:B3:E2:0E:D3:76:E9:F3:98:F0:49:1D:44:A2:E6:E2:85:86:2F:31
X509v3 extensions
subjectKeyIdentifier
  • 40:D0:D2:CF:BD:E9:6C:97:43:C8:85:F4:29:69:83:D0:03:02:BC:11
authorityKeyIdentifier
  • keyid:04:1A:BF:1C:93:91:3D:D3:D9:3D:B0:DE:13:23:E5:9A:70:F4:2E:08
crlDistributionPoints
  • Full Name:
  • URI:http://cdp1.pca.dfn.de/kit-ca-g2/pub/crl/cacrl.crl
  • Full Name:
  • URI:http://cdp2.pca.dfn.de/kit-ca-g2/pub/crl/cacrl.crl
authorityInfoAccess
  • OCSP - URI:http://ocsp.pca.dfn.de/OCSP-Server/OCSP
  • CA Issuers - URI:http://cdp1.pca.dfn.de/kit-ca-g2/pub/cacert/cacert.crt
  • CA Issuers - URI:http://cdp2.pca.dfn.de/kit-ca-g2/pub/cacert/cacert.crt
certificatePolicies
  • Policy: 1.3.6.1.4.1.22177.300.1.1.4.3.5
  • Policy: 1.3.6.1.4.1.22177.300.2.1.4.3.1
  • Policy: 1.3.6.1.4.1.22177.300.1.1.4
  • Policy: 1.3.6.1.4.1.22177.300.30
  • Policy: 2.23.140.1.2.2
First seen at:

CN=scc-mailin-cs-01.scc.kit.edu,O=Karlsruhe Institute of Technology,L=Karlsruhe,ST=Baden-Wuerttemberg,C=DE

Certificate chain
Subject
Country (C)
  • DE
State (ST)
  • Baden-Wuerttemberg
Locality (L)
  • Karlsruhe
Organization (O)
  • Karlsruhe Institute of Technology
Common Name (CN)
  • scc-mailin-cs-01.scc.kit.edu
Alternative Names
  • scc-mailin-cs-01.scc.kit.edu
Issuer
Country (C)
  • DE
State (ST)
  • Baden-Wuerttemberg
Locality (L)
  • Karlsruhe
Organization (O)
  • Karlsruhe Institute of Technology
Common Name (CN)
  • KIT-CA
validity period
Not valid before
2017-07-12
Not valid after
2020-10-08
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Client Authentication
  • TLS Web Server Authentication
Fingerprints
SHA256
E7:89:D6:2D:84:74:3B:F3:7D:05:75:F1:8E:FD:C8:C3:CE:B5:78:2F:C1:22:7D:21:5A:5A:49:6E:0C:20:1C:78
SHA1
91:AD:92:6B:BF:00:FB:EF:A0:0D:D9:07:53:89:80:72:AE:52:DE:68
X509v3 extensions
subjectKeyIdentifier
  • 28:D9:7D:20:DB:3F:01:BA:4A:2F:70:00:54:F9:4C:A2:66:EC:C5:75
authorityKeyIdentifier
  • keyid:04:1A:BF:1C:93:91:3D:D3:D9:3D:B0:DE:13:23:E5:9A:70:F4:2E:08
crlDistributionPoints
  • Full Name:
  • URI:http://cdp1.pca.dfn.de/kit-ca-g2/pub/crl/cacrl.crl
  • Full Name:
  • URI:http://cdp2.pca.dfn.de/kit-ca-g2/pub/crl/cacrl.crl
authorityInfoAccess
  • OCSP - URI:http://ocsp.pca.dfn.de/OCSP-Server/OCSP
  • CA Issuers - URI:http://cdp1.pca.dfn.de/kit-ca-g2/pub/cacert/cacert.crt
  • CA Issuers - URI:http://cdp2.pca.dfn.de/kit-ca-g2/pub/cacert/cacert.crt
certificatePolicies
  • Policy: 1.3.6.1.4.1.22177.300.1.1.4.3.5
  • Policy: 1.3.6.1.4.1.22177.300.2.1.4.3.1
  • Policy: 1.3.6.1.4.1.22177.300.1.1.4
  • Policy: 1.3.6.1.4.1.22177.300.30
  • Policy: 2.23.140.1.2.2
First seen at:

CN=scc-spamtrap-always-defer.scc.kit.edu,O=Karlsruhe Institute of Technology,L=Karlsruhe,ST=Baden-Wuerttemberg,C=DE

Certificate chain
Subject
Country (C)
  • DE
State (ST)
  • Baden-Wuerttemberg
Locality (L)
  • Karlsruhe
Organization (O)
  • Karlsruhe Institute of Technology
Common Name (CN)
  • scc-spamtrap-always-defer.scc.kit.edu
Alternative Names
  • scc-spamtrap-always-defer.scc.kit.edu
Issuer
Country (C)
  • DE
State (ST)
  • Baden-Wuerttemberg
Locality (L)
  • Karlsruhe
Organization (O)
  • Karlsruhe Institute of Technology
Common Name (CN)
  • KIT-CA
validity period
Not valid before
2017-08-19
Not valid after
2020-11-15
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Client Authentication
  • TLS Web Server Authentication
Fingerprints
SHA256
C1:07:F9:08:65:75:3E:DC:17:D5:F1:61:3F:58:03:61:A6:6B:CD:09:75:A6:40:5C:7F:64:6A:07:07:44:99:E1
SHA1
8C:AC:3F:F8:F6:E5:E0:FD:85:85:32:C4:5B:AB:D6:EC:80:EC:0A:60
X509v3 extensions
subjectKeyIdentifier
  • 27:88:E2:08:C2:C9:51:DC:79:24:10:24:FE:53:29:2B:F3:FB:2E:9D
authorityKeyIdentifier
  • keyid:04:1A:BF:1C:93:91:3D:D3:D9:3D:B0:DE:13:23:E5:9A:70:F4:2E:08
crlDistributionPoints
  • Full Name:
  • URI:http://cdp1.pca.dfn.de/kit-ca-g2/pub/crl/cacrl.crl
  • Full Name:
  • URI:http://cdp2.pca.dfn.de/kit-ca-g2/pub/crl/cacrl.crl
authorityInfoAccess
  • OCSP - URI:http://ocsp.pca.dfn.de/OCSP-Server/OCSP
  • CA Issuers - URI:http://cdp1.pca.dfn.de/kit-ca-g2/pub/cacert/cacert.crt
  • CA Issuers - URI:http://cdp2.pca.dfn.de/kit-ca-g2/pub/cacert/cacert.crt
certificatePolicies
  • Policy: 1.3.6.1.4.1.22177.300.1.1.4.3.5
  • Policy: 1.3.6.1.4.1.22177.300.2.1.4.3.1
  • Policy: 1.3.6.1.4.1.22177.300.1.1.4
  • Policy: 1.3.6.1.4.1.22177.300.30
  • Policy: 2.23.140.1.2.2