IM Observatory server report for am-1.org

Test started 2018-07-07 07:07:29 UTC .

Show client to server result | Permalink to this report | Retest

fely.am-1.org:5269
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
fely.am-1.org:5269
Version
ejabberd 16.09
StartTLS
ALLOWED

SRV records _xmpp-server._tcp.am-1.org DNSSEC

Priority Weight Port Server
10 1 5269 fely.am-1.org

TLSA records

Verified Usage Selector Match Data
YES trust anchor assertion full SHA-256
FF:2A:65:CF:F1:14:9C:74:30:10:1E:0F:65:A0:7E:C1:91:83:A3:B6:33:EF:4A:65:10:89:0D:AD:18:31:6B:3A
YES trust anchor assertion full SHA-512
EB:0A:D8:4F:11:B4:B0:8B:F7:6C:78:66:EF:32:84:22:92:BB:B2:86:2F:B6:FC:49:C0:A3:F8:07:62:9C:A8:F5:DD:28:A0:DE:7B:0C:04:D5:66:02:0A:C4:FF:2B:A4:4E:2F:61:2A:A5:8A:1A:E4:CC:AC:E4:86:D2:44:95:2F:C2

Certificates

Subject
commonName
fely.am-1.org
Details
Signature algorithm
sha512WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-03-21 18:32:38 UTC
Valid to
2018-09-17 18:32:38 UTC
CRL
http://crl.cacert.org/revoke.crl
OCSP
http://ocsp.cacert.org/
Valid for am-1.org
YES
AE:66:54:13:B9:E7:CA:EF:58:40:2E:45:34:4B:33:0E:00:00:59:DF
Subject Alternative Names
DNSName
fely.am-1.org
DNSName
anymx.uusia.org
DNSName
am-1.org Matches
DNSName
eos.am-1.org
DNSName
spire.am-1.org
DNSName
www.am-1.org
DNSName
aptns.com
XMPPAddr
fely.am-1.org
XMPPAddr
anymx.uusia.org
XMPPAddr
am-1.org Matches
XMPPAddr
eos.am-1.org
XMPPAddr
spire.am-1.org
XMPPAddr
www.am-1.org
XMPPAddr
aptns.com
Subject
commonName
CA Cert Signing Authority
emailAddress
support@cacert.org
organizationName
Root CA
organizationalUnitName
http://www.cacert.org
Details
Error: self signed certificate in certificate chain.
Signature algorithm
md5WithRSAEncryption INSECURE
Public key
4096 bit RSA
Valid from
2003-03-30 12:29:49 UTC
Valid to
2033-03-29 12:29:49 UTC
CRL
https://www.cacert.org/revoke.crl
13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -

Badge

IM observatory score

Want to show this result on your webpage? Add this:

<a href='https://check.messaging.one/result.php?domain=am-1.org&amp;type=server'>
  <img src='https://check.messaging.one/badge.php?domain=am-1.org' alt='IM observatory score' />
</a>