IM Observatory client report for xmpp.sys.kth.se
Test started 2020-11-27 17:53:30 UTC .
Show server to server result | Permalink to this report
|
xmpp.sys.kth.se:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
xmpp.sys.kth.se:5222
- StartTLS
- REQUIRED
SASL
Pre-TLS
Post-TLS
SRV records
_xmpp-client._tcp.xmpp.sys.kth.se NO DNSSEC
Priority |
Weight |
Port |
Server |
TLSA records
Certificates
Subject
- commonName
- openfire-1.sys.kth.se
- countryName
- SE
- localityName
- Stockholm
- organizationalUnitName
- ITA
- organizationName
- Kungliga Tekniska högskolan
- postalCode
- 11428
- stateOrProvinceName
- Stockholm
- streetAddress
- Brinellvägen 8
Details
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 2048 bit RSA
- Valid from
- 2020-04-07 00:00:00 UTC
- Valid to
- 2021-04-07 23:59:59 UTC
- CRL
- http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
- OCSP
- http://GEANT.ocsp.sectigo.com
- Valid for xmpp.sys.kth.se
- YES
-
81:5B:8A:27:C4:4D:9A:A3:95:0E:E4:26:4E:87:06:5B:48:87:D6:FB
Subject Alternative Names
- DNSName
- openfire-1.sys.kth.se
- DNSName
- xmpp.sys.kth.se Matches
Subject
- commonName
- GEANT OV RSA CA 4
- countryName
- NL
- organizationName
- GEANT Vereniging
Details
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 4096 bit RSA
- Valid from
- 2020-02-18 00:00:00 UTC
- Valid to
- 2033-05-01 23:59:59 UTC
- CRL
- http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
- OCSP
- http://ocsp.usertrust.com
-
C2:82:6E:26:6D:74:05:D3:4E:F8:97:62:63:6A:E4:B3:6E:86:CB:5E
Subject
- commonName
- USERTrust RSA Certification Authority
- countryName
- US
- localityName
- Jersey City
- organizationName
- The USERTRUST Network
- stateOrProvinceName
- New Jersey
Details
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 4096 bit RSA
- Valid from
- 2019-03-12 00:00:00 UTC
- Valid to
- 2028-12-31 23:59:59 UTC
- CRL
- http://crl.comodoca.com/AAACertificateServices.crl
- OCSP
- http://ocsp.comodoca.com
-
D8:9E:3B:D4:3D:5D:90:9B:47:A1:89:77:AA:9D:5C:E3:6C:EE:18:4C
Subject
- commonName
- AAA Certificate Services
- countryName
- GB
- localityName
- Salford
- organizationName
- Comodo CA Limited
- stateOrProvinceName
- Greater Manchester
Details
- Signature algorithm
- sha1WithRSAEncryption
- Public key
- 2048 bit RSA
- Valid from
- 2004-01-01 00:00:00 UTC
- Valid to
- 2028-12-31 23:59:59 UTC
- CRL
- http://crl.comodo.net/AAACertificateServices.crl
-
D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49
Subject
- commonName
- USERTrust RSA Certification Authority
- countryName
- US
- localityName
- Jersey City
- organizationName
- The USERTRUST Network
- stateOrProvinceName
- New Jersey
Details
Warning: Certificate is unused.
Error: certificate has expired.
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 4096 bit RSA
- Valid from
- 2000-05-30 10:48:38 UTC
- Valid to
- 2020-05-30 10:48:38 UTC
- CRL
- http://crl.usertrust.com/AddTrustExternalCARoot.crl
- OCSP
- http://ocsp.usertrust.com
-
EA:B0:40:68:9A:0D:80:5B:5D:6F:D6:54:FC:16:8C:FF:00:B7:8B:E3
Subject
- commonName
- AddTrust External CA Root
- countryName
- SE
- organizationalUnitName
- AddTrust External TTP Network
- organizationName
- AddTrust AB
Details
Warning: Certificate is unused.
Error: certificate has expired.
- Signature algorithm
- sha1WithRSAEncryption
- Public key
- 2048 bit RSA
- Valid from
- 2000-05-30 10:48:38 UTC
- Valid to
- 2020-05-30 10:48:38 UTC
-
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
Protocols
SSLv2 |
No |
SSLv3 |
No |
TLSv1 |
Yes |
TLSv1.1 |
Yes |
TLSv1.2 |
Yes |
Ciphers
Server does respect the client's cipher ordering.
Cipher suite | Bitsize | Forward secrecy | Info |
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) |
256
|
Yes
|
Curve: secp521r1
|
ECDHE-RSA-AES256-SHA384 (0xc028) |
256
|
Yes
|
Curve: secp521r1
|
ECDHE-RSA-AES256-SHA (0xc014) |
256
|
Yes
|
Curve: secp521r1
|
DHE-RSA-AES256-GCM-SHA384 (0x9f) |
256
|
Yes
|
Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
|
DHE-RSA-AES256-SHA256 (0x6b) |
256
|
Yes
|
Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
|
DHE-RSA-AES256-SHA (0x39) |
256
|
Yes
|
Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
|
AES256-GCM-SHA384 (0x9d) |
256
|
No
|
-
|
AES256-SHA256 (0x3d) |
256
|
No
|
-
|
AES256-SHA (0x35) |
256
|
No
|
-
|
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) |
128
|
Yes
|
Curve: secp521r1
|
ECDHE-RSA-AES128-SHA256 (0xc027) |
128
|
Yes
|
Curve: secp521r1
|
ECDHE-RSA-AES128-SHA (0xc013) |
128
|
Yes
|
Curve: secp521r1
|
DHE-RSA-AES128-GCM-SHA256 (0x9e) |
128
|
Yes
|
Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
|
DHE-RSA-AES128-SHA256 (0x67) |
128
|
Yes
|
Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
|
DHE-RSA-AES128-SHA (0x33) |
128
|
Yes
|
Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
|
AES128-GCM-SHA256 (0x9c) |
128
|
No
|
-
|
AES128-SHA256 (0x3c) |
128
|
No
|
-
|
AES128-SHA (0x2f) |
128
|
No
|
-
|
Badge
Want to show this result on your webpage? Add this:
<a href='https://xmpp.net/result.php?domain=xmpp.sys.kth.se&type=client'><img src='https://xmpp.net/badge.php?domain=xmpp.sys.kth.se' alt='xmpp.net score' /></a>