SSL-Tools

SSL check results of posteo.de

NEW You can also bulk check multiple servers.

Discover if the webservers of posteo.de can be reached through a secure connection.

Summary

JSON Refresh

Report created Mon, 08 May 2023 15:56:48 +0000

The webservers of posteo.de can be reached through a secure connection.

Servers

Hostname / IP address Certificates Protocol
posteo.de
185.67.36.168
 posteo.de
HSTS
unexpected EOF
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
posteo.de
185.67.36.169
 posteo.de
HSTS
unexpected EOF
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
posteo.de
2a05:bc0:1000::168:1
 posteo.de
HSTS
unexpected EOF
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
posteo.de
2a05:bc0:1000:80::168:1
 posteo.de
HSTS
unexpected EOF
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
posteo.de
2a05:bc0:1000::169:1
 posteo.de
HSTS
unexpected EOF
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
posteo.de
2a05:bc0:1000:80::169:1
 posteo.de
HSTS
unexpected EOF
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Certificates

First seen at:

CN=posteo.de,O=Posteo e.K.,L=Berlin,ST=Berlin,C=DE,serialNumber=HRA 47592,businessCategory=Private Organization,jurisdictionL=Charlottenburg,jurisdictionST=Berlin,jurisdictionC=DE

Certificate chain
Subject
jurisdictionC
  • DE
jurisdictionST
  • Berlin
jurisdictionL
  • Charlottenburg
Business category
  • Private Organization
Serial number
  • HRA 47592
Country (C)
  • DE
State (ST)
  • Berlin
Locality (L)
  • Berlin
Organization (O)
  • Posteo e.K.
Common Name (CN)
  • posteo.de
Alternative Names
  • posteo.de
  • www.posteo.de
  • lists.posteo.de
  • autoconfig.posteo.de
  • mta-sts.posteo.de
  • api.posteo.de
  • cdn.posteo.de
  • autodiscover.posteo.de
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • GeoTrust EV RSA CA 2018
validity period
Not valid before
2023-01-27
Not valid after
2024-02-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
E8:E2:06:71:4D:15:6E:68:DF:24:CE:FD:7F:53:5D:EE:E1:FA:75:5A:87:14:6D:EC:36:76:15:70:E1:09:8F:92
SHA1
27:CD:27:2F:23:5B:B8:1F:89:72:8A:71:9B:1A:A0:70:F6:8B:49:BE
X509v3 extensions
authorityKeyIdentifier
  • keyid:CA:92:67:52:61:DE:AE:FC:BA:22:2B:7F:1C:87:4C:25:FB:6F:99:58
subjectKeyIdentifier
  • E1:CD:91:AF:5E:4E:5E:67:4E:58:8E:DF:46:03:35:F4:05:10:47:7C
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.geotrust.com/GeoTrustEVRSACA2018.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.2.1
  • Policy: 2.23.140.1.1
  • CPS: http://www.digicert.com/CPS
authorityInfoAccess
  • OCSP - URI:http://status.geotrust.com
  • CA Issuers - URI:http://cacerts.geotrust.com/GeoTrustEVRSACA2018.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Jan 27 19:20:39.658 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:BA:2E:2C:05:B9:86:B6:2E:4B:3A:E9:
  • 6A:6F:08:75:15:A4:90:15:34:9C:A2:4D:DC:54:98:3B:
  • 83:1A:4E:73:BC:02:20:3E:8B:E6:65:D3:B1:ED:DC:05:
  • 85:70:8D:DC:77:07:CC:3C:18:45:68:BF:23:C6:05:83:
  • 22:D3:8F:2C:B7:F8:34
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 73:D9:9E:89:1B:4C:96:78:A0:20:7D:47:9D:E6:B2:C6:
  • 1C:D0:51:5E:71:19:2A:8C:6B:80:10:7A:C1:77:72:B5
  • Timestamp : Jan 27 19:20:39.757 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1F:FD:FB:AD:38:99:5C:25:8D:61:C9:48:
  • 5F:22:E9:A9:4A:8B:45:57:50:E2:E9:87:4B:84:25:33:
  • EF:B0:A3:5D:02:20:29:6C:2F:FD:E4:34:DA:0A:8F:35:
  • 8D:45:A0:23:DA:20:4D:0B:C4:06:E6:56:94:4C:39:69:
  • E9:EB:84:2A:4F:AD
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Jan 27 19:20:39.706 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:34:3E:B4:9B:50:24:36:E0:E5:46:C5:D4:
  • 9C:76:C8:3E:DC:58:5C:65:0D:F5:BE:D7:CE:AB:38:B2:
  • 10:FD:1D:9D:02:21:00:CC:CD:F6:92:84:0E:05:21:7F:
  • 86:B0:8D:40:63:7A:3B:5D:AD:4F:86:1D:B0:62:96:40:
  • 53:30:E1:96:F6:CE:D0

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_443._tcp.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_443._tcp.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_443._tcp.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_443._tcp.posteo.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid