Body
Overview
Self-testing for SSL vulnerabilities can be performed via several methods. Each of the methods below gives visibility into slightly different facets of the SSL configuration and posture of the server.
Information
For Internet-facing SSL Web servers on TCP Port 443
Qualys' SSL Tester
Note: Remember to check the Do not show the results on the boards box
- Results in orange or red should be remediated
Mozilla's SSL Observatory
- Results with a red X should be evaluated for remediation
For internal-only servers or servers on non-standard ports
Testssl.sh bash script
Note: This script may require a recent [less than 3 year old] *nix installation to work
- Results in orange or red should be remediated
- Results in yellow should be evaluated for relevance and security impact
For advanced testing
Please use the Information Security Consulting ticket form