SSL check results of xn--rrc-wrfel-u9a.dk

NEW You can also bulk check multiple servers.

Discover if the mail servers for xn--rrc-wrfel-u9a.dk can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Mon, 04 Jun 2018 07:15:17 +0000

The mailservers of xn--rrc-wrfel-u9a.dk can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @xn--rrc-wrfel-u9a.dk addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
hermod.arnested.dk
2a02:c207:2007:7741::1
10
supported
hermod.arnested.dk
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
11 s
hermod.arnested.dk
5.189.168.47
10
supported
hermod.arnested.dk
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
11 s

Outgoing Mails

We have received emails from these servers with @xn--rrc-wrfel-u9a.dk sender addresses. Test mail delivery

Host TLS Version & Cipher
hermod.arnested.dk (5.189.168.47)
TLSv1.2 AECDH-AES256-SHA
hermod.arnested.dk (IPv6:2a02:c207:2007:7741::1)
TLSv1.2 AECDH-AES256-SHA
unknown (IPv6:2a02:c207::250:56ff:fe3c:b389)
TLSv1.2 AECDH-AES256-SHA

Certificates

First seen at:

CN=hermod.arnested.dk

Certificate chain
Subject
Common Name (CN)
  • hermod.arnested.dk
Alternative Names
  • hermod.arnested.dk
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2018-05-27
Not valid after
2018-08-25
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
D4:27:27:91:5D:0D:21:31:0D:4A:AB:D5:E7:BD:2D:DB:67:DA:EF:3F:53:3B:20:05:6E:53:64:64:8D:7C:DC:5A
SHA1
AD:87:86:84:29:15:F3:36:9B:A5:7A:B3:45:7D:27:9E:46:69:93:3B
X509v3 extensions
subjectKeyIdentifier
  • DA:36:AE:3B:C9:6D:54:3A:0B:66:67:C2:82:E9:4C:26:84:6F:44:BC
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
  • User Notice:
  • Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 29:3C:51:96:54:C8:39:65:BA:AA:50:FC:58:07:D4:B7:
  • 6F:BF:58:7A:29:72:DC:A4:C3:0C:F4:E5:45:47:F4:78
  • Timestamp : May 27 08:03:28.147 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:1F:DA:C3:59:3A:97:38:A2:E7:7D:9E:36:
  • A4:8F:5B:3F:C8:91:6F:35:7F:0B:C2:D3:BD:35:FE:48:
  • 81:3F:77:55:02:21:00:A1:24:FD:39:E2:0D:61:2C:DC:
  • 78:90:57:AB:C9:8B:4D:BB:5B:5F:19:C8:9F:A1:ED:30:
  • 3C:E4:47:26:EE:4A:F0
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DB:74:AF:EE:CB:29:EC:B1:FE:CA:3E:71:6D:2C:E5:B9:
  • AA:BB:36:F7:84:71:83:C7:5D:9D:4F:37:B6:1F:BF:64
  • Timestamp : May 27 08:03:28.195 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:8A:49:70:BC:4E:1A:2D:1C:79:9E:17:
  • 93:21:23:0D:26:A3:08:EF:3D:E2:3C:78:8F:76:FA:7C:
  • 4F:82:79:8A:9A:02:20:32:4E:19:49:7D:94:C2:F0:08:
  • DC:83:86:89:D3:CF:F3:C6:0B:78:2F:6E:4E:6A:AE:8B:
  • E8:E9:99:CF:28:0B:D5

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.hermod.arnested.dk
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
valid