IM Observatory server report for scottdial.com

Test started 2018-03-07 00:20:30 UTC .

Show client to server result | Permalink to this report | Retest

openfire.scottdial.com:5269
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
openfire.scottdial.com:5269
StartTLS
ALLOWED

SRV records _xmpp-server._tcp.scottdial.com DNSSEC

Priority Weight Port Server
0 0 5269 openfire.scottdial.com

TLSA records

Certificates

Subject
commonName
*.scottdial.com
countryName
US
emailAddress
hostmaster@scottdial.com
Details
Error: unable to get local issuer certificate.
Error: unable to verify the first certificate.
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2015-10-29 05:36:38 UTC
Valid to
2018-10-28 05:36:38 UTC
CRL
http://crl.certum.pl/dvcasha2.crl
OCSP
http://dvcasha2.ocsp-certum.com
Valid for scottdial.com
YES
B5:D1:0F:69:BD:C6:D4:1E:29:9C:D4:15:73:20:A3:1B:6A:1B:3B:AF
Subject Alternative Names
DNSName
*.scottdial.com
DNSName
scottdial.com Matches
Subject
commonName
Certum Domain Validation CA SHA2
countryName
PL
organizationalUnitName
Certum Certification Authority
organizationName
Unizeto Technologies S.A.
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-09-11 12:00:00 UTC
Valid to
2027-06-09 10:46:39 UTC
CRL
http://crl.certum.pl/ctnca.crl
OCSP
http://subca.ocsp-certum.com
FF:9C:EB:13:C8:3F:15:B8:00:E6:EF:F9:87:B2:C7:2E:01:B4:B3:20
Subject
commonName
Certum Trusted Network CA
countryName
PL
organizationalUnitName
Certum Certification Authority
organizationName
Unizeto Technologies S.A.
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2008-10-22 12:07:37 UTC
Valid to
2027-06-10 10:46:39 UTC
CRL
http://crl.certum.pl/ca.crl
OCSP
http://subca.ocsp-certum.com
92:9B:AD:F2:60:81:52:34:90:ED:C9:11:54:B3:80:A4:77:6E:21:85
Subject
commonName
Certum CA
countryName
PL
organizationName
Unizeto Sp. z o.o.
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2002-06-11 10:46:39 UTC
Valid to
2027-06-11 10:46:39 UTC
62:52:DC:40:F7:11:43:A2:2F:DE:9E:F7:34:8E:06:42:51:B1:81:18

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: secp521r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: secp521r1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: secp521r1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=scottdial.com&amp;type=server'><img src='https://xmpp.net/badge.php?domain=scottdial.com' alt='xmpp.net score' /></a>