vm-1.fra.hillmann.solutions - TLS / STARTTLS Test

Discover if the mail servers for vm-1.fra.hillmann.solutions can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 29 Jul 2024 11:51:30 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of vm-1.fra.hillmann.solutions can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @vm-1.fra.hillmann.solutions addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
vm-1.fra.hillmann.solutions 91.210.227.101	-	supported	vm-1.fra.hillmann.solutions	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2024-07-29 1 s
vm-1.fra.hillmann.solutions 2a0a:51c0:0:7f::101	-	supported	vm-1.fra.hillmann.solutions	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2024-07-29 1 s

Outgoing Mails

We have not received any emails from a @vm-1.fra.hillmann.solutions address so far. Test mail delivery

Certificates

First seen at: 2024-07-28

CN=vm-1.fra.hillmann.solutions

Certificate chain

vm-1.fra.hillmann.solutions
- 2024-10-22 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

vm-1.fra.hillmann.solutions

Alternative Names

vm-1.fra.hillmann.solutions

Issuer

Country (C)

Organization (O)

Let's Encrypt

Common Name (CN)

validity period

Not valid before: 2024-07-24
Not valid after: 2024-10-22

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 10:5C:7A:CD:B1:F9:19:B7:45:1B:AD:55:3E:C4:27:0E:C1:18:EC:F9:FF:8E:CB:36:60:DD:B3:E4:E0:D3:04:E0
SHA1: 65:01:BF:84:A6:92:E7:33:BC:1D:2E:EA:F8:DB:5D:B9:C1:C4:ED:76

X509v3 extensions

subjectKeyIdentifier

F5:F3:8A:9B:99:9C:B5:8E:C6:64:8B:F9:9B:43:5A:32:EE:80:68:DF

authorityKeyIdentifier

keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9

authorityInfoAccess

OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/

certificatePolicies

Policy: 2.23.140.1.2.1

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Jul 24 02:41:24.668 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:CE:11:B0:55:AA:0D:EA:8A:4F:E9:AA:
9B:6B:CE:29:6C:E5:23:3D:57:E7:12:15:77:DA:62:9F:
3C:E5:7F:59:EC:02:20:65:3A:7D:A3:60:15:91:C6:49:
50:AA:F0:A2:0A:F7:1D:69:A2:46:AC:88:97:12:B9:94:
74:B3:37:1B:5C:DB:8F
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
Timestamp : Jul 24 02:41:24.697 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:B4:91:20:55:AA:82:E7:8C:06:C5:80:
90:8B:B9:22:0E:CA:DE:63:33:BF:EB:5F:AD:8F:64:5E:
4A:1A:3F:D6:56:02:21:00:87:DC:BC:D0:01:BB:F2:21:
E5:8C:12:07:E5:7E:53:A2:8C:F9:98:A8:2B:99:F4:87:
95:0D:06:36:32:D7:F0:68

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.vm-1.fra.hillmann.solutions	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	—
_25._tcp.vm-1.fra.hillmann.solutions	DANE-TA: Trust Anchor Assertion Use subject public key SHA-256 Hash	valid	valid

SSL check results of vm-1.fra.hillmann.solutions