testing_tls_ssl_encryption

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
testing_tls_ssl_encryption [2018/06/25 09:54]
Stephane de Labrusse
testing_tls_ssl_encryption [2022/01/06 15:27] (current)
Stephane de Labrusse [ssllabs.com]
Line 2: Line 2:
 ====Command-line==== ====Command-line====
 Some commands for QA Some commands for QA
 +
 +xmpp
 +
 +<file>
 +openssl s_client  -starttls xmpp -xmpphost domain.org -connect sub.domain.org:5222
 +</file>
 +
 +domain.org is the domain of xmpp
 +
 +<file>
 +nmap  --script ssl-enum-ciphers sub.domain.org -p 5223
 +</file>
  
 httpd httpd
Line 32: Line 44:
  
     openssl req -new -sha256 -key ecc-qa-key.pem -out ecc-qa-csr.csr -subj '/CN=vmalpha.dpnet.nethesis.it, O=Nethesis, ST=Italy/emailAddress=davide.principi@nethesis.it/subjectAltName=vmalpha.dpnet.nethesis.it,mattermost.dpnet.nethesis.it,mynextcloud.domain.com,vm8.dpnet.nethesis.it, OU=Development, C=IT, L=Pesaro'     openssl req -new -sha256 -key ecc-qa-key.pem -out ecc-qa-csr.csr -subj '/CN=vmalpha.dpnet.nethesis.it, O=Nethesis, ST=Italy/emailAddress=davide.principi@nethesis.it/subjectAltName=vmalpha.dpnet.nethesis.it,mattermost.dpnet.nethesis.it,mynextcloud.domain.com,vm8.dpnet.nethesis.it, OU=Development, C=IT, L=Pesaro'
-    + 
 +Nmap 
 + 
 +     nmap  --script ssl-enum-ciphers 192.168.122.8 -p 636 
 + 
 +The `nmap` command in Fedora 28 has more detailed output than the one in CentOS7. 
 + 
 +openssl 
 + 
 +<file> 
 +openssl s_client -showcerts -connect 192.168.56.8:636 
 +</file>
 ====CryptCheck==== ====CryptCheck====
 https://tls.imirhil.fr/ https://tls.imirhil.fr/
Line 38: Line 61:
 test ssl/tls/ssh test ssl/tls/ssh
  
 +====ssllabs.com====
 +
 +https://www.ssllabs.com/ssltest/
 ==== testssl.sh ==== ==== testssl.sh ====
  
Line 55: Line 81:
  
 Here how to test services, please refer to the man for complete commands Here how to test services, please refer to the man for complete commands
 +
 +* openldap 
 +
 +<file>
 +         ./testssl.sh 127.0.0.1:636
 +
 +</file>
 +
 +* Samba AD
 +
 +<file>
 +         ./testssl.sh ad.domain.com:636
 +</file>
  
 * https  * https 
  • testing_tls_ssl_encryption.1529920477.txt.gz
  • Last modified: 2018/06/25 09:54
  • by Stephane de Labrusse