SSL-Tools

SSL check results of webdesign-basel.ch

NEW You can also bulk check multiple servers.

Discover if the mail servers for webdesign-basel.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 10 Aug 2025 20:21:49 +0000

The mailservers of webdesign-basel.ch can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @webdesign-basel.ch addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
webdesign-basel.ch
2a01:4f9:3071:1ce0::5
 0
supported
webdesign-basel.ch
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
webdesign-basel.ch
65.21.45.180
 0
supported
webdesign-basel.ch
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @webdesign-basel.ch address so far. Test mail delivery

Certificates

First seen at:

CN=webdesign-basel.ch

Certificate chain
  • webdesign-basel.ch
    • remaining
    • 256 bit
    • ecdsa-with-SHA384
      • E6
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • webdesign-basel.ch
Alternative Names
  • *.webdesign-basel.ch
  • webdesign-basel.ch
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E6
validity period
Not valid before
2025-08-02
Not valid after
2025-10-31
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
4B:50:DD:11:D2:10:D1:23:F9:C9:73:67:9B:1F:A2:C0:AF:C2:D1:B6:42:25:50:BF:9E:3F:45:18:3F:90:4C:61
SHA1
CE:3C:3A:81:7E:D6:08:08:71:91:20:6C:80:E6:CA:AF:C0:BE:15:84
X509v3 extensions
subjectKeyIdentifier
  • 99:B9:48:01:9B:52:4C:AB:E3:9F:46:19:43:76:CE:73:6B:47:9A:B2
authorityKeyIdentifier
  • keyid:93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
authorityInfoAccess
  • CA Issuers - URI:http://e6.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://e6.c.lencr.org/125.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : ED:3C:4B:D6:E8:06:C2:A4:A2:00:57:DB:CB:24:E2:38:
  • 01:DF:51:2F:ED:C4:86:C5:70:0F:20:DD:B7:3E:3F:E0
  • Timestamp : Aug 2 04:39:38.534 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:C0:20:44:2F:3D:B1:FC:D5:DA:A0:BA:
  • 1F:FF:A0:C2:2E:A4:E2:32:4D:5C:1D:DC:28:96:15:0E:
  • 03:E5:F3:F1:22:02:20:4C:FC:F8:4F:7A:2B:E6:42:11:
  • 34:2D:8F:F3:06:38:46:06:31:18:60:96:F3:77:1E:E5:
  • 55:1B:0C:C5:9C:51:DF
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
  • 67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
  • Timestamp : Aug 2 04:39:38.551 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:8A:A3:1A:DE:C8:8E:57:49:28:28:FD:
  • FF:29:BA:FB:4A:B7:59:18:0B:98:F6:67:7F:A4:1F:52:
  • 93:F1:58:B3:80:02:21:00:A0:E7:4E:C9:F4:5F:2C:2F:
  • 57:FE:E3:0D:D1:24:F0:70:49:2C:24:FC:E0:54:7E:61:
  • EA:54:C0:B4:34:58:68:DD

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.webdesign-basel.ch
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.webdesign-basel.ch
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid