---
layout: default
title: Server TLS Certificates
permalink: /certificates/
---

<div class="section-header" id="features-section">
    <center>
       <span class="fa fa-certificate" style="font-size:100px;" aria-hidden="true"></span>
       <h2>Servers TLS Certificates</h2>
    </center>
</div>

<hr class="my-4">

<p style="max-width:800px;text-align:center;margin:0 auto;">One of the benefits of communicating via XMPP is the level of security you may implement on the connection to and from the server.  This server uses <a href="https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions">DNSSEC</a> and <a href="">TLS Certificate Pinning</a>, to secure its users from diffrent <a href="https://en.wikipedia.org/wiki/Man-in-the-middle_attack">MitM</a> attacks outside observers.</p>

<p style="max-width:800px;text-align:center;margin:0 auto;">As an added layer of security, a user may validate this servers TLS Certificates, below is the current fingerprints for each domain name you may use.</p>

<hr class="my-4">

<div id="cert-table">
<h2>{{ site.xmpp-url }}</h2>
<p id="date"><small>(expires: {{ site.fingerprint-expires }})</small></p>
<p>This is the primary certificate that your client will use during its XMPP connection.</p>
{% if site.fingerprint-sha1 %}
  <div class="cert-title">
    <b>SHA1 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-sha1 }}</pre>
  </div>
{% endif %}
{% if site.fingerprint-sha256 %}
  <div class="cert-title">
    <b>SHA256 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-sha256 }}</pre>
  </div>
{% endif %}
  <hr class="my-4">
{% if site.xmpp-host %}
<h2>{{ site.xmpp-host }}</h2>
<p id="date"><small>(expires: {{ site.fingerprint-im-expires }})</small></p>
<p>This is the certificate and domain that you are currently using to view this webpage; it is used for most website services.  This is also used during some XMPP connection attempts.</p>
{% if site.xmpp-host and site.fingerprint-im-sha1 %}
  <div class="cert-title">
    <b>SHA1 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-im-sha1 }}</pre>
  </div>
{% endif %}
{% if site.xmpp-host and site.fingerprint-im-sha256 %}
  <div class="cert-title">
    <b>SHA256 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-im-sha256 }}</pre>
  </div>
{% endif %}
  <hr class="my-4">
{% endif %}
{% if site.xmpp-conference-url and site.xep-0045 == 1 %}
<h2>{{ site.xmpp-conference-url }}</h2>
<p id="date"><small>(expires: {{ site.fingerprint-conference-expires }})</small></p>
<p>The conference domain at {{ site.xmpp-conference-url }} is used for all <a href="https://xmpp.org/extensions/xep-0045.html">MUC</a> (conference services) within your client.</p>
{% if site.xmpp-conference-url and site.xep-0045 == 1 and site.fingerprint-conference-sha1 %}
  <div class="cert-title">
    <b>SHA1 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-conference-sha1 }}</pre>
  </div>
{% endif %}
{% if site.xmpp-conference-url and site.xep-0045 == 1 and site.fingerprint-conference-sha256 %}
  <div class="cert-title">
    <b>SHA256 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-conference-sha256 }}</pre>
  </div>
{% endif %}
  <hr class="my-4">
{% endif %}
{% if site.xmpp-proxy-url and site.xep-0065 == 1 %}
<h2>{{ site.xmpp-proxy-url }}</h2>
<p id="date"><small>(expires: {{ site.fingerprint-proxy-expires }})</small></p>
<p>The Socks 5 Proxy (<a href="https://xmpp.org/extensions/xep-0065.html">XEP-0065</a>) is the old method of transfering files between clients.  Modern clients use the "HTTP File Upload" service, on this service currently found at <b>{{ site.xmpp-upload-url }}</b>.
{% if site.xmpp-proxy-url and site.xep-0065 == 1 and site.fingerprint-proxy-sha1 %}
  <div class="cert-title">
    <b>SHA1 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-proxy-sha1 }}</pre>
  </div>
{% endif %}
{% if site.xmpp-proxy-url and site.xep-0065 == 1 and site.fingerprint-proxy-sha256 %}
  <div class="cert-title">
    <b>SHA256 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-proxy-sha256 }}</pre>
  </div>
{% endif %}
  <hr class="my-4">
{% endif %}
{% if site.xmpp-upload-url and site.xep-0363 == 1 %}
<h2>{{ site.xmpp-upload-url }}</h2>
<p id="date"><small>(expires: {{ site.fingerprint-upload-expires }})</small></p>
<p>The <b>{{ site.xmpp-upload-url }}</b> domain is used for the HTTP File Upload (<a href="https://xmpp.org/extensions/xep-0363.html">XEP-0363</a>), that allows a user to upload a file to the server, the server will then provide a URL link back to that file that anyone may view.</p>
{% if site.xmpp-upload-url and site.xep-0363 == 1 and site.fingerprint-upload-sha1 %}
  <div class="cert-title">
    <b>SHA1 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-upload-sha1 }}</pre>
  </div>
{% endif %}
{% if site.xmpp-upload-url and site.xep-0363 == 1 and site.fingerprint-upload-sha256 %}
  <div class="cert-title">
    <b>SHA256 Fingerprint</b>
  </div>
  <div class="cert-content">
    <pre>{{ site.fingerprint-upload-sha256 }}</pre>
  </div>
{% endif %}
{% endif %}
</div> <!-- Closing cert-table id div -->

<p style='text-align:right;'><a href="https://check.messaging.one/result.php?domain={{ site.xmpp-url }}&amp;type=server"><img src="https://check.messaging.one/badge.php?domain={{ site.xmpp-url }}" alt="check.messaging.one server score" /></a></p>