IM Observatory client report for spodhuis.org

Test started 2018-04-07 19:22:36 UTC .

Show server to server result | Permalink to this report | Retest

xmpp.spodhuis.org:5222
Grade T: Certificate is not trusted, but ignoring trust would score an A.
xmpp.spodhuis.org:5222
Version
Prosody 0.9.10
StartTLS
REQUIRED

SASL

Pre-TLS

None

Post-TLS
DIGEST-MD5
PLAIN
SCRAM-SHA-1

SRV records _xmpp-client._tcp.spodhuis.org DNSSEC

Priority Weight Port Server
10 2 5222 xmpp.spodhuis.org

TLSA records

Verified Usage Selector Match Data
NO trust anchor assertion SPKI SHA-256
B1:11:DD:8A:1C:20:91:A8:9B:D4:FD:60:C5:7F:07:16:CC:E5:0F:EE:FF:81:37:CD:BE:E0:32:6E:02:CF:36:2B
NO trust anchor assertion full SHA-256
11:F0:58:F6:1F:97:B8:AD:C6:6E:F4:80:1F:91:8C:71:B1:0E:5C:1E:3D:39:AF:DE:10:40:8B:30:26:64:7E:F1
YES trust anchor assertion full SHA-256
EA:99:06:3A:0A:3B:DA:97:27:03:2C:F8:2D:A2:38:69:8B:90:BA:72:93:00:70:3D:39:56:94:36:35:F9:64:88
NO trust anchor assertion SPKI SHA-256
60:B8:75:75:44:7D:CB:A2:A3:6B:7D:11:AC:09:FB:24:A9:DB:40:6F:EE:12:D2:CC:90:18:05:17:61:6E:8A:18

Certificates

Subject
commonName
spodhuis.org
countryName
US
emailAddress
xmpp@spodhuis.org
organizationName
Spodhuis
organizationalUnitName
Chat Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2016-08-11 05:03:55 UTC
Valid to
2018-08-11 05:03:55 UTC
CRL
https://www.security.spodhuis.org/CA/globnixCA4.crl
Valid for spodhuis.org
YES
1B:07:AA:3A:9F:BF:EA:24:1A:F6:AE:A4:7B:79:A8:EA:A1:AC:5E:5D
Subject Alternative Names
DNSName
spodhuis.org Matches
DNSName
xmpp.spodhuis.org
DNSName
xmpp-s2s.spodhuis.org
DNSName
chat.spodhuis.org
DNSName
conference.spodhuis.org
DNSName
proxy-chatfiles.spodhuis.org
SRVName
_xmpp-server.proxy-chatfiles.spodhuis.org
SRVName
_xmpp-client.spodhuis.org Matches
SRVName
_xmpp-server.spodhuis.org
SRVName
_xmpp-server.conference.spodhuis.org
XMPPAddr
conference.spodhuis.org
XMPPAddr
proxy-chatfiles.spodhuis.org
XMPPAddr
spodhuis.org Matches
Subject
commonName
GlobNIX Certificate Authority 4
countryName
US
organizationName
GlobNIX Systems
organizationalUnitName
Certification Authority
stateOrProvinceName
Pennsylvania
Details
Error: self signed certificate in certificate chain.
Signature algorithm
sha256WithRSAEncryption
Public key
3072 bit RSA
Valid from
2014-09-02 08:02:56 UTC
Valid to
2022-11-19 08:02:56 UTC
CRL
https://www.security.spodhuis.org/CA/globnixCA4.crl
7F:56:FB:9C:92:CF:6D:DA:B7:EE:09:83:77:AF:46:C8:6D:0A:B8:71

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: secp384r1
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: secp384r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: secp384r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: secp384r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: secp384r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: secp384r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Bitsize: 2048
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Bitsize: 2048
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Bitsize: 2048
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Bitsize: 2048
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Bitsize: 2048
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Bitsize: 2048

Badge

IM observatory score

Want to show this result on your webpage? Add this:

<a href='https://check.messaging.one/result.php?domain=spodhuis.org&amp;type=client'>
  <img src='https://check.messaging.one/badge.php?domain=spodhuis.org' alt='IM observatory score' />
</a>