IM Observatory server report for mondiaspora.org

Test started 2018-05-19 10:07:31 UTC .

Show client to server result | Permalink to this report | Retest

mondiaspora.org:5269
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
mondiaspora.org:5269
Version
ejabberd 16.12.3
StartTLS
ALLOWED

SRV records _xmpp-server._tcp.mondiaspora.org DNSSEC

Priority Weight Port Server
0 5 5269 mondiaspora.org

TLSA records

Certificates

Subject
commonName
mondiaspora.org
Details
Error: certificate has expired.
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-09-23 09:20:00 UTC
Valid to
2017-12-22 09:20:00 UTC
OCSP
http://ocsp.int-x3.letsencrypt.org
Valid for mondiaspora.org
YES
44:E0:B1:A2:77:A5:96:55:EF:90:63:EB:3A:44:59:A2:79:3B:1D:21
Subject Alternative Names
DNSName
mondiaspora.org Matches
Subject
commonName
Let's Encrypt Authority X3
countryName
US
organizationName
Let's Encrypt
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2016-03-17 16:40:46 UTC
Valid to
2021-03-17 16:40:46 UTC
CRL
http://crl.identrust.com/DSTROOTCAX3CRL.crl
OCSP
http://isrg.trustid.ocsp.identrust.com
E6:A3:B4:5B:06:2D:50:9B:33:82:28:2D:19:6E:FE:97:D5:95:6C:CB
Subject
commonName
DST Root CA X3
organizationName
Digital Signature Trust Co.
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2000-09-30 21:12:19 UTC
Valid to
2021-09-30 14:01:15 UTC
DA:C9:02:4F:54:D8:F6:DF:94:93:5F:B1:73:26:38:CA:6A:D7:7C:13
Subject
commonName
Let's Encrypt Authority X3
countryName
US
organizationName
Let's Encrypt
Details
Warning: Certificate is unused.
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2016-10-06 15:43:55 UTC
Valid to
2021-10-06 15:43:55 UTC
CRL
http://crl.root-x1.letsencrypt.org
OCSP
http://ocsp.root-x1.letsencrypt.org/
1B:23:67:53:54:FC:AD:90:11:9D:88:07:50:15:EA:17:AD:D5:27:D8

Protocols

SSLv2 No
SSLv3 No
TLSv1 No
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-CAMELLIA256-SHA (0x88) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
CAMELLIA256-SHA (0x84) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-SEED-SHA (0x9a) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-CAMELLIA128-SHA (0x45) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
SEED-SHA (0x96) 128 No -
CAMELLIA128-SHA (0x41) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: prime256v1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

IM observatory score

Want to show this result on your webpage? Add this:

<a href='https://check.messaging.one/result.php?domain=mondiaspora.org&amp;type=server'>
  <img src='https://check.messaging.one/badge.php?domain=mondiaspora.org' alt='IM observatory score' />
</a>