IM Observatory client report for igniterealtime.org

Test started 2022-05-03 13:12:33 UTC .

Show server to server result | Permalink to this report |

xmpp2.igniterealtime.org:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
xmpp.igniterealtime.org:5222
Grade T: Certificate is not trusted, but ignoring trust would score an A.

Show all 2 SRV targets

xmpp2.igniterealtime.org:5222
StartTLS
ALLOWED

SASL

Pre-TLS
ANONYMOUS
CRAM-MD5
DIGEST-MD5
JIVE-SHAREDSECRET
PLAIN
SCRAM-SHA-1
Post-TLS
ANONYMOUS
CRAM-MD5
DIGEST-MD5
JIVE-SHAREDSECRET
PLAIN
SCRAM-SHA-1

xmpp.igniterealtime.org:5222
StartTLS
ALLOWED

SASL

Pre-TLS
ANONYMOUS
CRAM-MD5
DIGEST-MD5
JIVE-SHAREDSECRET
PLAIN
SCRAM-SHA-1
Post-TLS
ANONYMOUS
CRAM-MD5
DIGEST-MD5
JIVE-SHAREDSECRET
PLAIN
SCRAM-SHA-1

Show all 2 SRV targets

SRV records _xmpp-client._tcp.igniterealtime.org NO DNSSEC

Priority Weight Port Server
0 10 5222 xmpp2.igniterealtime.org
0 10 5222 xmpp.igniterealtime.org

TLSA records

Show all 2 SRV targets

Certificates

Subject
commonName
igniterealtime.org
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2022-04-11 08:36:47 UTC
Valid to
2022-07-10 08:36:46 UTC
OCSP
http://r3.o.lencr.org
Valid for igniterealtime.org
YES
04:1E:EA:BB:44:A5:12:BE:8E:7F:B6:71:0F:F1:CB:23:9F:AE:28:DE
Subject Alternative Names
DNSName
conference.igniterealtime.org
DNSName
igniterealtime.org Matches
DNSName
www.igniterealtime.org
DNSName
xmpp.igniterealtime.org
DNSName
xmpp2.igniterealtime.org
Subject
commonName
R3
countryName
US
organizationName
Let's Encrypt
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-09-04 00:00:00 UTC
Valid to
2025-09-15 16:00:00 UTC
CRL
http://x1.c.lencr.org/
A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05
Subject
commonName
ISRG Root X1
countryName
US
organizationName
Internet Security Research Group
Details
Signature algorithm
sha256WithRSAEncryption
Public key
4096 bit RSA
Valid from
2021-01-20 19:14:03 UTC
Valid to
2024-09-30 18:14:03 UTC
CRL
http://crl.identrust.com/DSTROOTCAX3CRL.crl
93:3C:6D:DE:E9:5C:9C:41:A4:0F:9F:50:49:3D:82:BE:03:AD:87:BF
Subject
commonName
DST Root CA X3
organizationName
Digital Signature Trust Co.
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2000-09-30 21:12:19 UTC
Valid to
2021-09-30 14:01:15 UTC
DA:C9:02:4F:54:D8:F6:DF:94:93:5F:B1:73:26:38:CA:6A:D7:7C:13

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: secp521r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: secp521r1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -

Certificates

Subject
commonName
igniterealtime.org
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2022-04-11 08:36:47 UTC
Valid to
2022-07-10 08:36:46 UTC
OCSP
http://r3.o.lencr.org
04:1E:EA:BB:44:A5:12:BE:8E:7F:B6:71:0F:F1:CB:23:9F:AE:28:DE
Subject Alternative Names
DNSName
conference.igniterealtime.org
DNSName
igniterealtime.org
DNSName
www.igniterealtime.org
DNSName
xmpp.igniterealtime.org
DNSName
xmpp2.igniterealtime.org
Subject
commonName
R3
countryName
US
organizationName
Let's Encrypt
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-09-04 00:00:00 UTC
Valid to
2025-09-15 16:00:00 UTC
CRL
http://x1.c.lencr.org/
A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05
Subject
commonName
ISRG Root X1
countryName
US
organizationName
Internet Security Research Group
Details
Signature algorithm
sha256WithRSAEncryption
Public key
4096 bit RSA
Valid from
2021-01-20 19:14:03 UTC
Valid to
2024-09-30 18:14:03 UTC
CRL
http://crl.identrust.com/DSTROOTCAX3CRL.crl
93:3C:6D:DE:E9:5C:9C:41:A4:0F:9F:50:49:3D:82:BE:03:AD:87:BF
Subject
commonName
DST Root CA X3
organizationName
Digital Signature Trust Co.
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2000-09-30 21:12:19 UTC
Valid to
2021-09-30 14:01:15 UTC
DA:C9:02:4F:54:D8:F6:DF:94:93:5F:B1:73:26:38:CA:6A:D7:7C:13

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: secp521r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: secp521r1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: draft-ietf-tls-negotiated-ff-dhe-10 ffdhe2048
Bitsize: 2048
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -

Show all 2 SRV targets

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=igniterealtime.org&amp;type=client'><img src='https://xmpp.net/badge.php?domain=igniterealtime.org' alt='xmpp.net score' /></a>