Checking SSL and TLS configuration with sslyze
Just a quick tip on checking a server's SSL/TLS configuration without too much trouble.
sslyze is a Python package that can be used to check which cipher suites a given service accepts, e.g.:
```
➜ pip install sslyze
➜ python -m sslyze server.example.com

 CHECKING CONNECTIVITY TO SERVER(S)
 ----------------------------------

   server.example.com:443 => 192.168.1.208    WARNING: Server requested optional client authentication


 SCAN RESULTS FOR server.example.com:443 - 192.168.1.208
 -------------------------------------------------

 * Certificates Information:
       Hostname sent for SNI:             server.example.com
       Number of certificates detected:   1


     Certificate #0 ( _RSAPublicKey )
       SHA1 Fingerprint:                  2e57a27485b980d25ea0d8d642ab31d5b6a64b6e
       Common Name:                       server.example.com
       Issuer:                            server.example.com
       Serial Number:                     217661717633682589085577779257221678089539599645
       Not Before:                        2023-02-15
       Not After:                         2038-01-18
       Public Key Algorithm:              _RSAPublicKey
       Signature Algorithm:               sha256
       Key Size:                          4096
       Exponent:                          65537
       SubjAltName - DNS Names:           ['server.example.com']

     Certificate #0 - Trust
       Hostname Validation:               OK - Certificate matches server hostname
       Android CA Store (13.0.0_r9):      FAILED - Certificate is NOT Trusted: self-signed certificate in certificate chain
       Apple CA Store (iOS 16, iPadOS 16, macOS 13, tvOS 16, and watchOS 9):FAILED - Certificate is NOT Trusted: self-signed certificate in certificate chain
       Java CA Store (jdk-13.0.2):        FAILED - Certificate is NOT Trusted: self-signed certificate in certificate chain
       Mozilla CA Store (2022-12-11):     FAILED - Certificate is NOT Trusted: self-signed certificate in certificate chain
       Windows CA Store (2023-02-19):     FAILED - Certificate is NOT Trusted: self-signed certificate in certificate chain
       Symantec 2018 Deprecation:         ERROR - Could not build verified chain (certificate untrusted?)
       Received Chain:                    server.example.com --> server.example.com
       Verified Chain:                    ERROR - Could not build verified chain (certificate untrusted?)
       Received Chain Contains Anchor:    ERROR - Could not build verified chain (certificate untrusted?)
       Received Chain Order:              OK - Order is valid
       Verified Chain contains SHA1:      ERROR - Could not build verified chain (certificate untrusted?)

     Certificate #0 - Extensions
       OCSP Must-Staple:                  NOT SUPPORTED - Extension not found
       Certificate Transparency:          NOT SUPPORTED - Extension not found

     Certificate #0 - OCSP Stapling
                                          NOT SUPPORTED - Server did not send back an OCSP response

 * SSL 2.0 Cipher Suites:
     Attempted to connect using 7 cipher suites; the server rejected all cipher suites.

 * SSL 3.0 Cipher Suites:
     Attempted to connect using 80 cipher suites; the server rejected all cipher suites.

 * TLS 1.0 Cipher Suites:
     Attempted to connect using 80 cipher suites; the server rejected all cipher suites.

 * TLS 1.1 Cipher Suites:
     Attempted to connect using 80 cipher suites; the server rejected all cipher suites.

 * TLS 1.2 Cipher Suites:
     Attempted to connect using 156 cipher suites.

     The server accepted the following 23 cipher suites:
        TLS_RSA_WITH_AES_256_GCM_SHA384                   256
        TLS_RSA_WITH_AES_256_CCM                          256
        TLS_RSA_WITH_AES_256_CBC_SHA256                   256
        TLS_RSA_WITH_AES_256_CBC_SHA                      256
        TLS_RSA_WITH_AES_128_GCM_SHA256                   128
        TLS_RSA_WITH_AES_128_CCM                          128
        TLS_RSA_WITH_AES_128_CBC_SHA256                   128
        TLS_RSA_WITH_AES_128_CBC_SHA                      128
        TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256       256       ECDH: X25519 (253 bits)
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384             256       ECDH: prime256v1 (256 bits)
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                256       ECDH: prime256v1 (256 bits)
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256             128       ECDH: prime256v1 (256 bits)
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256             128       ECDH: prime256v1 (256 bits)
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                128       ECDH: prime256v1 (256 bits)
        TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256         256       DH (4096 bits)
        TLS_DHE_RSA_WITH_AES_256_GCM_SHA384               256       DH (4096 bits)
        TLS_DHE_RSA_WITH_AES_256_CCM                      256       DH (4096 bits)
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256               256       DH (4096 bits)
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA                  256       DH (4096 bits)
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256               128       DH (4096 bits)
        TLS_DHE_RSA_WITH_AES_128_CCM                      128       DH (4096 bits)
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256               128       DH (4096 bits)
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA                  128       DH (4096 bits)

     The group of cipher suites supported by the server has the following properties:
       Forward Secrecy                    OK - Supported
       Legacy RC4 Algorithm               OK - Not Supported

 * TLS 1.3 Cipher Suites:
     Attempted to connect using 5 cipher suites.

     The server accepted the following 4 cipher suites:
        TLS_CHACHA20_POLY1305_SHA256                      256       ECDH: X25519 (253 bits)
        TLS_AES_256_GCM_SHA384                            256       ECDH: X25519 (253 bits)
        TLS_AES_128_GCM_SHA256                            128       ECDH: X25519 (253 bits)
        TLS_AES_128_CCM_SHA256                            128       ECDH: X25519 (253 bits)

 * Deflate Compression:
                                          OK - Compression disabled

 * OpenSSL CCS Injection:
                                          OK - Not vulnerable to OpenSSL CCS injection

 * OpenSSL Heartbleed:
                                          OK - Not vulnerable to Heartbleed

 * Client certificated required for --robot: use --cert and --key to provide one.

 * Session Renegotiation:
       Client Renegotiation DoS Attack:   OK - Not vulnerable
       Secure Renegotiation:              OK - Supported

 * Elliptic Curve Key Exchange:
       Supported curves:                  X25519, X448, prime256v1, secp384r1, secp521r1
       Rejected curves:                   prime192v1, secp160k1, secp160r1, secp160r2, secp192k1, secp224k1, secp224r1, secp256k1, sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1

 SCANS COMPLETED IN 6.953993 S
 -----------------------------

 COMPLIANCE AGAINST MOZILLA TLS CONFIGURATION
 --------------------------------------------

    Checking results against Mozilla's "MozillaTlsConfigurationEnum.INTERMEDIATE" configuration. See https://ssl-config.mozilla.org/ for more details.

    server.example.com:443: ERROR - Scan did not run successfully; review the scan logs above.
```
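The "Forward Secrecy OK - Supported" line summarises the whole group of suites, while the individual `TLS_RSA_WITH_*` entries in the same list still use static RSA key exchange. The script below is an added example, not part of the original post or of sslyze: it parses the console report format shown above and lists the accepted suites that lack forward secrecy or use CBC mode. The function names and the shortened sample are assumptions made for the illustration.

```python
import re

# Constructed excerpt of the console output above (five of the 23 TLS 1.2 suites).
SAMPLE = """\
 * TLS 1.2 Cipher Suites:
     The server accepted the following 23 cipher suites:
        TLS_RSA_WITH_AES_256_GCM_SHA384                   256
        TLS_RSA_WITH_AES_128_CBC_SHA                      128
        TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256       256       ECDH: X25519 (253 bits)
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                128       ECDH: prime256v1 (256 bits)
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256               128       DH (4096 bits)
     The group of cipher suites supported by the server has the following properties:
       Forward Secrecy                    OK - Supported
 * TLS 1.3 Cipher Suites:
     The server accepted the following 4 cipher suites:
        TLS_AES_256_GCM_SHA384                            256       ECDH: X25519 (253 bits)
"""

SECTION = re.compile(r"^\s*\* ((?:SSL|TLS) \d\.\d) Cipher Suites:")
SUITE = re.compile(r"^\s+((?:TLS|SSL)_[A-Z0-9_]+)\s+\d+")

def accepted_suites(report):
    """Map each protocol version to the cipher suite names the server accepted."""
    result, current = {}, None
    for line in report.splitlines():
        header = SECTION.match(line)
        suite = SUITE.match(line)
        if header:
            current = header.group(1)
            result[current] = []
        elif line.lstrip().startswith("* "):
            current = None  # a non-cipher section such as "* Deflate Compression:"
        elif current and suite:
            result[current].append(suite.group(1))
    return result

def findings(report):
    """Flag static-RSA (no forward secrecy) and CBC-mode suites, per protocol."""
    out = []
    for proto, suites in accepted_suites(report).items():
        for name in suites:
            if name.startswith("TLS_RSA_WITH_"):
                out.append((proto, name, "static RSA key exchange, no forward secrecy"))
            if "_CBC_" in name:
                out.append((proto, name, "CBC mode"))
    return out

for finding in findings(SAMPLE):
    print(*finding, sep="  ")
```

To run it against a real scan, save the sslyze console output to a file and pass its contents to `findings()` instead of `SAMPLE`.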
Happy hacking!