SSL-Tools

SSL check results of vanoeffel.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for vanoeffel.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 03 May 2021 12:51:58 +0000

We can not guarantee a secure connection to the mailservers of vanoeffel.nl!

Please contact the operator of vanoeffel.nl and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/vanoeffel.nl

Servers

Incoming Mails

These servers are responsible for incoming mails to @vanoeffel.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.vanoeffel.nl
45.138.229.249
 10
supported
mail.vanoeffel.nl
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx1.xs4all.nl
194.109.24.132
Results incomplete
100
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mx4.xs4all.nl
194.109.24.139
Results incomplete
100
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mx3.xs4all.nl
194.109.24.134
Results incomplete
100
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mx2.xs4all.nl
194.109.24.138
Results incomplete
100
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @vanoeffel.nl address so far. Test mail delivery

Certificates

First seen at:

CN=mail.vanoeffel.nl,C=NL

Certificate chain
  • mail.vanoeffel.nl
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
    • Expired
    • Unknown Authority
      StartCom Class 1 DV Server CA
Subject
Country (C)
  • NL
Common Name (CN)
  • mail.vanoeffel.nl
Alternative Names
  • mail.vanoeffel.nl
Issuer
Country (C)
  • IL
Organization (O)
  • StartCom Ltd.
Organizational Unit (OU)
  • StartCom Certification Authority
Common Name (CN)
  • StartCom Class 1 DV Server CA
validity period
Not valid before
2016-11-11
Not valid after
2019-11-11
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Client Authentication
  • TLS Web Server Authentication
Fingerprints
SHA256
07:88:46:C3:2D:A7:4D:1C:25:98:99:EC:37:33:24:8B:59:C7:CD:36:6D:B1:DD:2B:49:F5:E0:58:24:AB:57:A3
SHA1
97:9E:0E:0F:4E:43:32:D8:24:71:5E:2A:A2:B6:34:0B:19:77:D6:D9
X509v3 extensions
subjectKeyIdentifier
  • CA:F2:30:86:A5:81:E9:62:2F:7E:A9:5C:94:A6:B3:06:5A:A5:4C:D4
authorityKeyIdentifier
  • keyid:D7:91:4E:01:C4:B0:BF:F8:C8:67:93:44:9C:E7:33:FA:AD:93:0C:AF
authorityInfoAccess
  • OCSP - URI:http://ocsp.startssl.com
  • CA Issuers - URI:http://aia.startssl.com/certs/sca.server1.crt
crlDistributionPoints
  • Full Name:
  • URI:http://crl.startssl.com/sca-server1.crl
issuerAltName
  • URI:http://www.startssl.com/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.23223.1.2.5
  • CPS: https://www.startssl.com/policy
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 34:BB:6A:D6:C3:DF:9C:03:EE:A8:A4:99:FF:78:91:48:
  • 6C:9D:5E:5C:AC:92:D0:1F:7B:FD:1B:CE:19:DB:48:EF
  • Timestamp : Nov 11 11:38:01.994 2016 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:31:BE:87:D3:D3:92:45:BF:16:EB:6B:6F:
  • 94:A5:5C:6C:4A:93:F1:1C:9C:AB:4F:E6:65:29:4C:19:
  • AB:AD:FF:34:02:21:00:F2:82:5C:3C:64:F2:8E:9F:65:
  • 86:0D:21:22:F4:1C:56:C2:18:D1:94:FC:91:66:7F:CF:
  • B7:15:1B:67:2B:EC:A9
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:4B:BD:B7:75:CE:60:BA:E1:42:69:1F:AB:E1:9E:66:
  • A3:0F:7E:5F:B0:72:D8:83:00:C4:7B:89:7A:A8:FD:CB
  • Timestamp : Nov 11 11:38:04.209 2016 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:15:D4:57:4A:1A:73:98:98:49:E4:1F:87:
  • 1A:19:1A:81:1C:14:B3:C4:9F:E6:09:BC:32:C3:34:12:
  • 7F:21:E0:D7:02:20:62:8F:37:28:68:55:CA:EA:A3:9D:
  • 74:8E:A0:30:8E:FA:19:89:86:0D:1D:29:63:87:80:9D:
  • 93:7E:C4:C1:50:69
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 68:F6:98:F8:1F:64:82:BE:3A:8C:EE:B9:28:1D:4C:FC:
  • 71:51:5D:67:93:D4:44:D1:0A:67:AC:BB:4F:4F:FB:C4
  • Timestamp : Nov 11 11:38:03.099 2016 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:70:BB:BF:85:C9:D0:7C:28:91:6E:AC:B8:
  • 81:93:8F:99:41:A4:B2:20:66:ED:93:F4:A4:04:27:2E:
  • AF:C1:B9:D3:02:21:00:FD:A7:43:33:A8:D3:E6:D8:6E:
  • 81:97:9A:E8:16:65:EC:F4:E4:15:B9:7E:92:69:B8:D1:
  • A5:37:2E:2A:70:53:5A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A:
  • 3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10
  • Timestamp : Nov 11 11:38:03.294 2016 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B6:B7:33:03:CE:02:87:8B:D6:EB:D4:
  • 00:0A:3D:D6:37:31:24:0B:9E:DF:14:E6:DD:E4:39:10:
  • E9:F5:91:8E:60:02:20:28:1A:A7:81:C3:CD:A8:A0:46:
  • FD:9E:FB:65:F2:00:E2:99:0D:A3:A6:AC:A7:8E:C8:EB:
  • E9:84:35:33:CE:14:CD

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.xs4all.nl
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx1.xs4all.nl
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx1.xs4all.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx4.xs4all.nl
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx4.xs4all.nl
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx4.xs4all.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx3.xs4all.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx3.xs4all.nl
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx3.xs4all.nl
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx2.xs4all.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx2.xs4all.nl
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.mx2.xs4all.nl
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid