IM Observatory client report for aws-dev.signaling.transientx.com
Test started 2019-10-18 12:13:30 UTC .
Show server to server result | Permalink to this report |
Score
aws-dev.signaling.transientx.com:5222
Grade:
B
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
General
aws-dev.signaling.transientx.com:5222
- StartTLS
- REQUIRED
SASL
Pre-TLS
None
Post-TLS
| ANONYMOUS |
| PLAIN |
| SCRAM-SHA-1 |
DNS
SRV records _xmpp-client._tcp.aws-dev.signaling.transientx.com NO DNSSEC
| Priority | Weight | Port | Server |
|---|
TLSA records
_5222._tcp.aws-dev.signaling.transientx.com NO DNSSEC
TLS
aws-dev.signaling.transientx.com:5222
Certificates
#0 *.portal.transientx.com
Subject
- commonName
- *.portal.transientx.com
- organizationalUnitName
- Domain Control Validated
- organizationalUnitName
- PositiveSSL Multi-Domain
Details
- Signature algorithm
- sha256WithRSAEncryption
- Public key
- 2048 bit RSA
- Valid from
- 2019-02-07 00:00:00 UTC
- Valid to
- 2020-02-07 23:59:59 UTC
- OCSP
- http://ocsp.sectigo.com
- Valid for aws-dev.signaling.transientx.com
- YES
60:F3:DE:75:36:E1:4C:6C:92:94:6D:05:D8:91:CB:74:46:B3:96:D8
Subject Alternative Names
- DNSName
- *.portal.transientx.com
- DNSName
- *.signaling.transientx.com
- DNSName
- portal.transientx.com
- DNSName
- signaling.transientx.com
#1 Sectigo RSA Domain Validation Secure Server CA
Subject
- commonName
- Sectigo RSA Domain Validation Secure Server CA
- countryName
- GB
- localityName
- Salford
- organizationName
- Sectigo Limited
- stateOrProvinceName
- Greater Manchester
Details
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 2048 bit RSA
- Valid from
- 2018-11-02 00:00:00 UTC
- Valid to
- 2030-12-31 23:59:59 UTC
- CRL
- http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
- OCSP
- http://ocsp.usertrust.com
33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB
USERTrust RSA Certification Authority
Subject
- commonName
- USERTrust RSA Certification Authority
- countryName
- US
- localityName
- Jersey City
- organizationName
- The USERTRUST Network
- stateOrProvinceName
- New Jersey
Details
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 4096 bit RSA
- Valid from
- 2010-02-01 00:00:00 UTC
- Valid to
- 2038-01-18 23:59:59 UTC
2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
#2 USERTrust RSA Certification Authority
Subject
- commonName
- USERTrust RSA Certification Authority
- countryName
- US
- localityName
- Jersey City
- organizationName
- The USERTRUST Network
- stateOrProvinceName
- New Jersey
Details
Warning: Certificate is unused.
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 4096 bit RSA
- Valid from
- 2000-05-30 10:48:38 UTC
- Valid to
- 2020-05-30 10:48:38 UTC
- CRL
- http://crl.usertrust.com/AddTrustExternalCARoot.crl
- OCSP
- http://ocsp.usertrust.com
EA:B0:40:68:9A:0D:80:5B:5D:6F:D6:54:FC:16:8C:FF:00:B7:8B:E3
#3 AddTrust External CA Root
Subject
- commonName
- AddTrust External CA Root
- countryName
- SE
- organizationalUnitName
- AddTrust External TTP Network
- organizationName
- AddTrust AB
Details
Warning: Certificate is unused.
- Signature algorithm
- sha1WithRSAEncryption
- Public key
- 2048 bit RSA
- Valid from
- 2000-05-30 10:48:38 UTC
- Valid to
- 2020-05-30 10:48:38 UTC
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
Protocols
| SSLv2 | No |
| SSLv3 | No |
| TLSv1 | Yes |
| TLSv1.1 | Yes |
| TLSv1.2 | Yes |
Ciphers
Server does respect the client's cipher ordering.
| Cipher suite | Bitsize | Forward secrecy | Info |
|---|---|---|---|
| ECDHE-RSA-AES256-GCM-SHA384 (0xc030) | 256 | Yes | Curve: sect571r1 |
| ECDHE-RSA-AES256-SHA384 (0xc028) | 256 | Yes | Curve: sect571r1 |
| ECDHE-RSA-AES256-SHA (0xc014) | 256 | Yes | Curve: sect571r1 |
| DHE-RSA-AES256-GCM-SHA384 (0x9f) | 256 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| DHE-RSA-AES256-SHA256 (0x6b) | 256 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| DHE-RSA-AES256-SHA (0x39) | 256 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| AES256-GCM-SHA384 (0x9d) | 256 | No | - |
| AES256-SHA256 (0x3d) | 256 | No | - |
| AES256-SHA (0x35) | 256 | No | - |
| ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) | 128 | Yes | Curve: sect571r1 |
| ECDHE-RSA-AES128-SHA256 (0xc027) | 128 | Yes | Curve: sect571r1 |
| ECDHE-RSA-AES128-SHA (0xc013) | 128 | Yes | Curve: sect571r1 |
| DHE-RSA-AES128-GCM-SHA256 (0x9e) | 128 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| DHE-RSA-AES128-SHA256 (0x67) | 128 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| DHE-RSA-AES128-SHA (0x33) | 128 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| AES128-GCM-SHA256 (0x9c) | 128 | No | - |
| AES128-SHA256 (0x3c) | 128 | No | - |
| AES128-SHA (0x2f) | 128 | No | - |
Badge
Want to show this result on your webpage? Add this:
<a href='https://xmpp.net/result.php?domain=aws-dev.signaling.transientx.com&type=client'><img src='https://xmpp.net/badge.php?domain=aws-dev.signaling.transientx.com' alt='xmpp.net score' /></a>