krisz
Besten Dank. Habe es auch gleich ausprobiert.
$ openssl s_client -connect smtp.strato.de:465
CONNECTED(00000003)
depth=2 C = DE, O = T-Systems Enterprise Services GmbH, OU = T-Systems Trust Center, CN = T-TeleSec GlobalRoot Class 2
verify return:1
depth=1 C = DE, O = T-Systems International GmbH, OU = T-Systems Trust Center, ST = Nordrhein Westfalen, postalCode = 57250, L = Netphen, street = Untere Industriestr. 20, CN = TeleSec ServerPass Class 2 CA
verify return:1
depth=0 C = DE, O = Strato AG, OU = Rechenzentrum, ST = Berlin, L = Berlin, CN = smtp.strato.de
verify return:1
---
Certificate chain
0 s:C = DE, O = Strato AG, OU = Rechenzentrum, ST = Berlin, L = Berlin, CN = smtp.strato.de
i:C = DE, O = T-Systems International GmbH, OU = T-Systems Trust Center, ST = Nordrhein Westfalen, postalCode = 57250, L = Netphen, street = Untere Industriestr. 20, CN = TeleSec ServerPass Class 2 CA
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Feb 23 10:36:26 2022 GMT; NotAfter: Feb 27 23:59:59 2023 GMT
1 s:C = DE, O = T-Systems International GmbH, OU = T-Systems Trust Center, ST = Nordrhein Westfalen, postalCode = 57250, L = Netphen, street = Untere Industriestr. 20, CN = TeleSec ServerPass Class 2 CA
i:C = DE, O = T-Systems Enterprise Services GmbH, OU = T-Systems Trust Center, CN = T-TeleSec GlobalRoot Class 2
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Feb 11 14:39:10 2014 GMT; NotAfter: Feb 11 23:59:59 2024 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
eine Menge Zeugs, der Übersicht wegen rausgenommen
-----END CERTIFICATE-----
subject=C = DE, O = Strato AG, OU = Rechenzentrum, ST = Berlin, L = Berlin, CN = smtp.strato.de
issuer=C = DE, O = T-Systems International GmbH, OU = T-Systems Trust Center, ST = Nordrhein Westfalen, postalCode = 57250, L = Netphen, street = Untere Industriestr. 20, CN = TeleSec ServerPass Class 2 CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4271 bytes and written 400 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
220 smtp.strato.de ESMTP RZmta (P4 -)
Das sieht doch eigentlich gut aus ... oder?