virsacer.net - TLS / STARTTLS Test

Discover if the mail servers for virsacer.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 03 Jun 2023 10:52:27 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of virsacer.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @virsacer.net addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
miva14.mivaweb.de 2a01:4f8:13b:2d18::2	10	supported	mivaweb.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-06-03 1 s
miva14.mivaweb.de 94.130.143.55	10	supported	mivaweb.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-06-03 1 s

Outgoing Mails

We have not received any emails from a @virsacer.net address so far. Test mail delivery

Certificates

First seen at: 2023-06-03

CN=mivaweb.de

Certificate chain

mivaweb.de
- 2023-08-12 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

mivaweb.de

Alternative Names

*.mivaweb.de
mivaweb.de

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2023-05-14
Not valid after: 2023-08-12

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: BB:D9:65:B1:5A:30:8A:B9:92:9E:FD:40:E4:02:F5:0F:BA:03:96:D6:D6:72:A7:84:44:DA:8A:23:EA:B0:87:20
SHA1: AD:9B:85:57:12:25:E7:FD:75:72:E2:2D:C2:CF:BE:1B:F6:1C:D0:09

X509v3 extensions

subjectKeyIdentifier

BF:99:F0:DC:66:FB:C1:AB:A1:54:F7:D2:13:DA:2A:67:12:59:59:F1

authorityKeyIdentifier

keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6

authorityInfoAccess

OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : B7:3E:FB:24:DF:9C:4D:BA:75:F2:39:C5:BA:58:F4:6C:
5D:FC:42:CF:7A:9F:35:C4:9E:1D:09:81:25:ED:B4:99
Timestamp : May 14 16:06:05.088 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:FA:3E:F9:62:76:A2:4F:E4:B5:38:92:
4D:F6:18:B6:54:C0:30:A4:40:26:D3:31:E0:D5:7C:C7:
49:B4:93:25:16:02:21:00:96:E7:8E:0D:06:60:6E:DF:
E9:57:20:6E:47:48:8D:73:9B:9C:2A:4D:12:72:15:2C:
2E:48:0D:55:BF:EA:2F:C6
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
Timestamp : May 14 16:06:05.100 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:DD:D1:EB:D6:EA:E6:29:6F:76:CF:0E:
88:8C:8C:28:D2:19:59:0B:58:69:44:B5:65:CC:D4:47:
45:92:1C:ED:CB:02:21:00:A4:70:78:4C:59:6B:CE:6E:
39:BF:E8:82:10:98:C6:4A:DB:DF:BF:78:68:84:44:8B:
17:95:DC:27:C8:C1:58:D9

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.miva14.mivaweb.de	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—
_25._tcp.miva14.mivaweb.de	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—
_25._tcp.miva14.mivaweb.de	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—
_25._tcp.miva14.mivaweb.de	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	valid

SSL check results of virsacer.net