IM Observatory server report for chat.uni-erlangen.de

Test started 2018-05-19 09:22:38 UTC .

Show client to server result | Permalink to this report | Retest

jabber.rrze.uni-erlangen.de:5269
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
jabber.rrze.uni-erlangen.de:5269
Version
Openfire 4.1.3
StartTLS
ALLOWED

SRV records _xmpp-server._tcp.chat.uni-erlangen.de DNSSEC

Priority Weight Port Server
0 0 5269 jabber.rrze.uni-erlangen.de

TLSA records

Certificates

Subject
commonName
jabber.rrze.uni-erlangen.de
countryName
DE
localityName
Erlangen
organizationName
Universitaet Erlangen-Nuernberg
organizationalUnitName
RRZE
stateOrProvinceName
Bayern
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2015-02-23 12:47:15 UTC
Valid to
2019-07-09 23:59:00 UTC
CRL
http://cdp2.pca.dfn.de/uni-erlangen-nuernberg-ca/pub/crl/cacrl.crl
OCSP
http://ocsp.pca.dfn.de/OCSP-Server/OCSP
Valid for chat.uni-erlangen.de
YES
39:DB:1C:99:92:C0:24:B7:F7:0F:36:FC:4C:61:A7:09:DA:C8:AE:96
Subject Alternative Names
DNSName
chat.fau.de
DNSName
chat.rrze.uni-erlangen.de
DNSName
chat.uni-erlangen.de Matches
DNSName
conference.chat.uni-erlangen.de
DNSName
jabber.rrze.uni-erlangen.de
Subject
commonName
FAU-CA
countryName
DE
emailAddress
ca@rrze.uni-erlangen.de
localityName
Erlangen
organizationName
Universitaet Erlangen-Nuernberg
organizationalUnitName
RRZE
stateOrProvinceName
Bayern
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-05-27 14:56:37 UTC
Valid to
2019-07-09 23:59:00 UTC
CRL
http://cdp2.pca.dfn.de/global-root-ca/pub/crl/cacrl.crl
OCSP
http://ocsp.pca.dfn.de/OCSP-Server/OCSP
82:EF:BD:80:D3:47:4C:B8:BA:96:87:36:7F:6E:3C:6B:51:1E:70:F1
Subject
commonName
DFN-Verein PCA Global - G01
countryName
DE
organizationName
DFN-Verein
organizationalUnitName
DFN-PKI
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-07-22 12:08:26 UTC
Valid to
2019-07-09 23:59:00 UTC
CRL
http://pki0336.telesec.de/rl/DT_ROOT_CA_2.crl
OCSP
http://ocsp0336.telesec.de/ocspr
F4:C5:38:C3:BB:99:4F:13:F8:FD:C2:40:B6:79:A6:4B:19:34:A1:B5
Subject
commonName
Deutsche Telekom Root CA 2
countryName
DE
organizationName
Deutsche Telekom AG
organizationalUnitName
T-TeleSec Trust Center
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
1999-07-09 12:11:00 UTC
Valid to
2019-07-09 23:59:00 UTC
85:A4:08:C0:9C:19:3E:5D:51:58:7D:CD:D6:13:30:FD:8C:DE:37:BF

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: prime256v1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

IM observatory score

Want to show this result on your webpage? Add this:

<a href='https://check.messaging.one/result.php?domain=chat.uni-erlangen.de&amp;type=server'>
  <img src='https://check.messaging.one/badge.php?domain=chat.uni-erlangen.de' alt='IM observatory score' />
</a>