IM Observatory server report for niel.site

Test started 2020-06-15 05:11:04 UTC .

Show client to server result | Permalink to this report |

niel.site:5269
Grade T: Certificate is not trusted, but ignoring trust would score an A.
niel.site:5269
StartTLS
REQUIRED
Peer certificate
The server requires incoming s2s connections to present a peer certificate.

SRV records _xmpp-server._tcp.niel.site DNSSEC

Priority Weight Port Server
10 0 5269 niel.site

TLSA records

Certificates

Subject
commonName
*.niel.site
Details
Signature algorithm
sha256WithRSAEncryption
Public key
4096 bit RSA
Valid from
2019-12-26 00:00:00 UTC
Valid to
2021-12-24 23:59:59 UTC
OCSP
http://ocsp.sectigo.com
Valid for niel.site
YES
73:42:72:68:11:4A:F6:1A:D0:78:CF:B4:2D:CC:F0:52:D6:61:64:E6
Subject Alternative Names
DNSName
*.niel.site
DNSName
niel.site Matches
Subject
commonName
Sectigo RSA Domain Validation Secure Server CA
countryName
GB
localityName
Salford
organizationName
Sectigo Limited
stateOrProvinceName
Greater Manchester
Details
Signature algorithm
sha384WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-11-02 00:00:00 UTC
Valid to
2030-12-31 23:59:59 UTC
CRL
http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
OCSP
http://ocsp.usertrust.com
33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB
Subject
commonName
USERTrust RSA Certification Authority
countryName
US
localityName
Jersey City
organizationName
The USERTRUST Network
stateOrProvinceName
New Jersey
Details
Error: certificate has expired.
Signature algorithm
sha384WithRSAEncryption
Public key
4096 bit RSA
Valid from
2000-05-30 10:48:38 UTC
Valid to
2020-05-30 10:48:38 UTC
CRL
http://crl.usertrust.com/AddTrustExternalCARoot.crl
OCSP
http://ocsp.usertrust.com
EA:B0:40:68:9A:0D:80:5B:5D:6F:D6:54:FC:16:8C:FF:00:B7:8B:E3
Subject
commonName
AddTrust External CA Root
countryName
SE
organizationalUnitName
AddTrust External TTP Network
organizationName
AddTrust AB
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2000-05-30 10:48:38 UTC
Valid to
2020-05-30 10:48:38 UTC
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68

Protocols

SSLv2 No
SSLv3 No
TLSv1 No
TLSv1.1 No
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Bitsize: 4096
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Bitsize: 4096
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Bitsize: 4096
DHE-RSA-CAMELLIA256-SHA (0x88) 256 Yes Diffie-Hellman:
Bitsize: 4096
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Bitsize: 4096
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Bitsize: 4096
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Bitsize: 4096
DHE-RSA-CAMELLIA128-SHA (0x45) 128 Yes Diffie-Hellman:
Bitsize: 4096
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: secp384r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: secp384r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: secp384r1
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: secp384r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: secp384r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: secp384r1
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
CAMELLIA256-SHA (0x84) 256 No -
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
CAMELLIA128-SHA (0x41) 128 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=niel.site&amp;type=server'><img src='https://xmpp.net/badge.php?domain=niel.site' alt='xmpp.net score' /></a>