IM Observatory server report for messenger.gei.de

Test started 2018-08-10 00:33:41 UTC .

Show client to server result | Permalink to this report | Retest

messenger.gei.de:5269
Server supports SSL 3. Grade capped to B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
messenger.gei.de:5269
StartTLS
ALLOWED

SRV records _xmpp-server._tcp.messenger.gei.de NO DNSSEC

Priority Weight Port Server
10 0 5269 messenger.gei.de

TLSA records

Certificates

Subject
commonName
messenger.gei.de
countryName
DE
localityName
Braunschweig
organizationalUnitName
Digitale Informations- und Forschungsinfrastrutkur
organizationName
Georg-Eckert-Institut fuer internationale Schulbuchforschung
stateOrProvinceName
Niedersachsen
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-02-22 14:03:18 UTC
Valid to
2019-07-09 23:59:00 UTC
CRL
http://cdp2.pca.dfn.de/gei-ca/pub/crl/cacrl.crl
OCSP
http://ocsp.pca.dfn.de/OCSP-Server/OCSP
Valid for messenger.gei.de
YES
86:3E:0B:19:89:22:21:51:4A:DF:B2:BC:02:8B:51:42:20:34:58:A3
Subject Alternative Names
DNSName
messenger.gei.de Matches
Subject
commonName
GEI CA - G01
countryName
DE
emailAddress
ca@gei.de
organizationName
Georg-Eckert-Institut fuer internationale Schulbuchforschung
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-06-05 14:06:52 UTC
Valid to
2019-07-09 23:59:00 UTC
CRL
http://cdp2.pca.dfn.de/global-root-ca/pub/crl/cacrl.crl
OCSP
http://ocsp.pca.dfn.de/OCSP-Server/OCSP
CD:DC:E9:54:C4:03:81:F5:FA:BB:24:F1:36:10:7B:91:55:DB:FD:5E
Subject
commonName
DFN-Verein PCA Global - G01
countryName
DE
organizationalUnitName
DFN-PKI
organizationName
DFN-Verein
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-07-22 12:08:26 UTC
Valid to
2019-07-09 23:59:00 UTC
CRL
http://pki0336.telesec.de/rl/DT_ROOT_CA_2.crl
OCSP
http://ocsp0336.telesec.de/ocspr
F4:C5:38:C3:BB:99:4F:13:F8:FD:C2:40:B6:79:A6:4B:19:34:A1:B5
Subject
commonName
Deutsche Telekom Root CA 2
countryName
DE
organizationalUnitName
T-TeleSec Trust Center
organizationName
Deutsche Telekom AG
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
1999-07-09 12:11:00 UTC
Valid to
2019-07-09 23:59:00 UTC
85:A4:08:C0:9C:19:3E:5D:51:58:7D:CD:D6:13:30:FD:8C:DE:37:BF

Protocols

SSLv2 No
SSLv3 Yes
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: secp521r1
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: secp521r1
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: secp521r1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=messenger.gei.de&amp;type=server'><img src='https://xmpp.net/badge.php?domain=messenger.gei.de' alt='xmpp.net score' /></a>