IM Observatory client report for xmpp.shafersound.com

Test started 2020-10-29 04:20:17 UTC .

Show server to server result | Permalink to this report |

xmpp.shafersound.com:5222
Grade T: Certificate is not trusted, but ignoring trust would score an A.
xmpp.shafersound.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
CRAM-MD5
DIGEST-MD5
OFMEET
PLAIN
SCRAM-SHA-1
Post-TLS
CRAM-MD5
DIGEST-MD5
OFMEET
PLAIN
SCRAM-SHA-1

SRV records _xmpp-client._tcp.xmpp.shafersound.com NO DNSSEC

Priority Weight Port Server

TLSA records

Certificates

Subject
commonName
xmpp.shafersound.com
Details
Error: unable to get local issuer certificate.
Error: unable to verify the first certificate.
Signature algorithm
sha384WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-10-10 00:00:00 UTC
Valid to
2021-01-08 23:59:59 UTC
OCSP
http://zerossl.ocsp.sectigo.com
Valid for xmpp.shafersound.com
YES
BF:64:BC:70:D8:A9:F3:17:6B:B0:01:60:06:06:C9:91:3A:49:A7:E3
Subject Alternative Names
DNSName
xmpp.shafersound.com Matches
Subject
commonName
ZeroSSL RSA Domain Secure Site CA
countryName
AT
organizationName
ZeroSSL
Details
Signature algorithm
sha384WithRSAEncryption
Public key
4096 bit RSA
Valid from
2020-01-30 00:00:00 UTC
Valid to
2030-01-29 23:59:59 UTC
CRL
http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
OCSP
http://ocsp.usertrust.com
C8:1A:8B:D1:F9:CF:6D:84:C5:25:F3:78:CA:1D:3F:8C:30:77:0E:34
Subject
commonName
USERTrust RSA Certification Authority
countryName
US
localityName
Jersey City
organizationName
The USERTRUST Network
stateOrProvinceName
New Jersey
Details
Signature algorithm
sha384WithRSAEncryption
Public key
4096 bit RSA
Valid from
2019-03-12 00:00:00 UTC
Valid to
2028-12-31 23:59:59 UTC
CRL
http://crl.comodoca.com/AAACertificateServices.crl
OCSP
http://ocsp.comodoca.com
D8:9E:3B:D4:3D:5D:90:9B:47:A1:89:77:AA:9D:5C:E3:6C:EE:18:4C
Subject
commonName
AAA Certificate Services
countryName
GB
localityName
Salford
organizationName
Comodo CA Limited
stateOrProvinceName
Greater Manchester
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2004-01-01 00:00:00 UTC
Valid to
2028-12-31 23:59:59 UTC
CRL
http://crl.comodo.net/AAACertificateServices.crl
D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: sect571r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: sect571r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: sect571r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: sect571r1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=xmpp.shafersound.com&amp;type=client'><img src='https://xmpp.net/badge.php?domain=xmpp.shafersound.com' alt='xmpp.net score' /></a>