SSL check results of vm-1.fra.hillmann.solutions

NEW You can also bulk check multiple servers.

Discover if the mail servers for vm-1.fra.hillmann.solutions can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Wed, 13 Jan 2021 18:06:06 +0000

The mailservers of vm-1.fra.hillmann.solutions can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @vm-1.fra.hillmann.solutions addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
vm-1.fra.hillmann.solutions
91.210.227.101
-
supported
vm-1.fra.hillmann.solutions
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
vm-1.fra.hillmann.solutions
2a0a:51c0:0:7f::101
-
supported
vm-1.fra.hillmann.solutions
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s

Outgoing Mails

We have not received any emails from a @vm-1.fra.hillmann.solutions address so far. Test mail delivery

Certificates

First seen at:

CN=vm-1.fra.hillmann.solutions

Certificate chain
  • vm-1.fra.hillmann.solutions
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption

Subject
Common Name (CN)
  • vm-1.fra.hillmann.solutions
Alternative Names
  • vm-1.fra.hillmann.solutions
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2020-12-12
Not valid after
2021-03-12
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
B7:D5:D1:90:36:64:BC:7E:FA:C0:62:D5:17:87:33:F4:61:21:6D:95:9D:CB:D9:AE:B8:21:44:40:74:9A:8D:4A
SHA1
5B:46:80:92:A8:0A:6F:BD:08:E0:3D:78:32:03:32:13:C8:DE:1C:58
X509v3 extensions
subjectKeyIdentifier
  • 4A:B8:80:B4:19:AD:6C:FC:19:06:C3:EF:5E:CD:E7:F5:D3:23:35:6F
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Dec 12 03:03:00.060 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:01:35:DC:48:BD:7B:98:9D:4B:E0:99:35:
  • E0:E1:CB:DC:47:A3:78:72:F2:65:D5:C8:63:5D:51:9F:
  • 3A:E4:7D:5F:02:21:00:DB:CF:54:AB:7F:39:61:63:50:
  • 0B:B1:C3:F1:10:8F:80:E6:51:FE:77:A9:3D:EA:14:AF:
  • 5C:86:06:9B:AB:6E:7E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Dec 12 03:03:00.181 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:80:F7:C9:AF:EB:F3:B7:39:94:05:6D:
  • 73:17:F1:C6:24:95:35:96:E3:57:8B:8C:A9:85:1D:DC:
  • 1C:E4:B2:17:6A:02:21:00:BC:E2:24:98:DD:EE:A3:6E:
  • 20:7E:FC:0F:64:3C:37:C5:02:C3:13:4A:25:4C:38:F0:
  • 9B:DC:BD:E8:98:25:CC:41

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.vm-1.fra.hillmann.solutions
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-512 Hash
valid
valid