SSL-Tools

SSL check results of tectareal.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for tectareal.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 05 Nov 2021 10:39:27 +0000

No connection to the mailservers of tectareal.de could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @tectareal.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
secure-mail02.de.cancom-mase.com
195.227.216.10
Results incomplete
10
supported
*.de.cancom-mase.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
secure-mail01.de.cancom-mase.com
195.227.216.2
Results incomplete
10
supported
*.de.cancom-mase.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s
secure-mail03.de.cancom-mase.com
5.61.80.97
Results incomplete
20
supported
*.de.cancom-mase.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
secure-mail04.de.cancom-mase.com
5.61.80.98
Results incomplete
20
supported
*.de.cancom-mase.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @tectareal.de address so far. Test mail delivery

Certificates

First seen at:

CN=*.de.cancom-mase.com

Certificate chain
Subject
Common Name (CN)
  • *.de.cancom-mase.com
Alternative Names
  • *.de.cancom-mase.com
  • de.cancom-mase.com
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Common Name (CN)
  • RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
validity period
Not valid before
2021-07-21
Not valid after
2022-07-21
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
43:FA:AC:95:EE:6C:11:2A:A9:90:53:25:7F:0A:EC:E2:B8:03:80:A3:01:52:74:82:EA:7B:60:C5:1B:DD:79:4D
SHA1
7B:F5:2D:3D:B8:E3:22:2D:8E:9B:81:4C:E7:BE:5E:3A:2C:AD:2C:F3
X509v3 extensions
authorityKeyIdentifier
  • keyid:A4:8D:E5:BE:7C:79:E4:70:23:6D:2E:29:34:AD:23:58:DC:F5:31:7F
subjectKeyIdentifier
  • AC:00:C6:E2:DF:68:7C:02:0B:7F:BA:F6:AF:EB:75:A1:AC:FF:15:3C
crlDistributionPoints
  • Full Name:
  • URI:http://crl3.digicert.com/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crl
  • Full Name:
  • URI:http://crl4.digicert.com/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crl
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • CPS: http://www.digicert.com/CPS
authorityInfoAccess
  • OCSP - URI:http://ocsp.digicert.com
  • CA Issuers - URI:http://cacerts.digicert.com/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
  • BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
  • Timestamp : Jul 21 13:51:54.635 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A8:B1:B9:CE:24:2B:EB:82:FE:C6:9C:
  • 99:D1:48:71:F5:7F:55:4D:31:FB:98:8A:76:EE:17:3D:
  • AE:B9:13:0D:23:02:20:01:B2:35:1B:12:A3:D9:2F:61:
  • 6B:98:24:07:9E:A3:3C:43:BC:33:DD:AE:01:55:7E:89:
  • 12:F3:0A:77:5B:14:B1
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 51:A3:B0:F5:FD:01:79:9C:56:6D:B8:37:78:8F:0C:A4:
  • 7A:CC:1B:27:CB:F7:9E:88:42:9A:0D:FE:D4:8B:05:E5
  • Timestamp : Jul 21 13:51:54.751 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:D1:2A:81:ED:C3:87:2B:6B:4A:03:49:
  • 9F:3E:8C:F2:49:22:E2:DC:3F:9F:A9:1A:0E:0E:2E:6A:
  • 6B:66:6A:9D:C1:02:20:24:81:C7:D8:33:EA:24:57:4E:
  • D7:52:40:05:52:F0:2D:82:B3:4E:98:02:AA:4D:A5:D2:
  • A5:0D:85:B9:4A:36:22
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
  • 4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
  • Timestamp : Jul 21 13:51:54.718 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:18:32:89:C4:FA:F7:D8:33:CC:62:72:7B:
  • 61:EE:77:50:97:B1:6B:F3:ED:C8:D9:2E:D4:E8:E2:C0:
  • 48:B2:BF:87:02:21:00:E4:6D:FB:73:B2:36:12:73:91:
  • 82:DE:55:19:62:F8:8B:41:17:1A:E3:26:93:5A:44:60:
  • 3F:43:CE:4B:19:93:BE

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.secure-mail03.de.cancom-mase.com
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.secure-mail03.de.cancom-mase.com
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.secure-mail04.de.cancom-mase.com
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.secure-mail04.de.cancom-mase.com
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.secure-mail02.de.cancom-mase.com
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.secure-mail02.de.cancom-mase.com
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid
_25._tcp.secure-mail01.de.cancom-mase.com
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
_25._tcp.secure-mail01.de.cancom-mase.com
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid