Sslyze

SSLyze es una herramienta para analizar la configuración SSL de un servidor, diseñada para ser rápida y exhaustiva. Un ejemplo de uso: $ python sslyze --regular localhost:443 REGISTERING AVAILABLE PLUGINS ----------------------------- PluginCertInfo PluginSessionRenegotiation PluginCompression PluginSessionResumption PluginOpenSSLCipherSuites CHECKING HOST(S) AVAILABILITY ----------------------------- localhost:443 => 127.0.0.1:443 SCAN RESULTS FOR LOCALHOST:443 - 127.0.0.1:443 ----------------------------------------------------------------- * Compression : Compression Support: Disabled * Session Renegotiation : Client-initiated Renegotiations: Rejected Secure Renegotiation: Supported * Certificate : Validation w/ Mozilla's CA Store: Certificate is NOT Trusted: self signed certificate in certificate chain Hostname Validation: OK - Common Name Matches SHA1 Fingerprint: 12C4EC1C16807D8654269FBE5E0A8DBFBF1244CC Common Name: localhost Issuer: /C=ES/ST=IB/O=Localhost CA/CN=localhost/emailAddress=postmaster@localhost Serial Number: F525610B96987DAE Not Before: Mar 20 10:31:07 2013 GMT Not After: Mar 20 10:31:07 2014 GMT Signature Algorithm: sha1WithRSAEncryption Key Size: 2048 Unhandled exception when processing --sslv2: utils.ctSSL.errors.ctSSLFeatureNotAvailable - SSLv2 disabled. * Session Resumption : With Session IDs: Supported (5 successful, 0 failed, 0 errors, 5 total attempts). With TLS Session Tickets: Supported * TLSV1_1 Cipher Suites : Rejected Cipher Suite(s): Hidden Preferred Cipher Suite: RC4-SHA 128 bits HTTP 302 Found - / Accepted Cipher Suite(s): CAMELLIA256-SHA 256 bits HTTP 302 Found - / AES256-SHA 256 bits HTTP 302 Found - / DES-CBC3-SHA 168 bits HTTP 302 Found - / RC4-SHA 128 bits HTTP 302 Found - / CAMELLIA128-SHA 128 bits HTTP 302 Found - / AES128-SHA 128 bits HTTP 302 Found - / Undefined - An unexpected error happened: None * TLSV1_2 Cipher Suites : Rejected Cipher Suite(s): Hidden Preferred Cipher Suite: AES128-GCM-SHA256 128 bits HTTP 302 Found - / Accepted Cipher Suite(s): CAMELLIA256-SHA 256 bits HTTP 302 Found - / AES256-SHA256 256 bits HTTP 302 Found - / AES256-SHA 256 bits HTTP 302 Found - / AES256-GCM-SHA384 256 bits HTTP 302 Found - / DES-CBC3-SHA 168 bits HTTP 302 Found - / RC4-SHA 128 bits HTTP 302 Found - / CAMELLIA128-SHA 128 bits HTTP 302 Found - / AES128-SHA256 128 bits HTTP 302 Found - / AES128-SHA 128 bits HTTP 302 Found - / AES128-GCM-SHA256 128 bits HTTP 302 Found - / Undefined - An unexpected error happened: None * SSLV3 Cipher Suites : Rejected Cipher Suite(s): Hidden Preferred Cipher Suite: RC4-SHA 128 bits HTTP 302 Found - / Accepted Cipher Suite(s): CAMELLIA256-SHA 256 bits HTTP 302 Found - / AES256-SHA 256 bits HTTP 302 Found - / DES-CBC3-SHA 168 bits HTTP 302 Found - / RC4-SHA 128 bits HTTP 302 Found - / CAMELLIA128-SHA 128 bits HTTP 302 Found - / AES128-SHA 128 bits HTTP 302 Found - / Undefined - An unexpected error happened: None * TLSV1 Cipher Suites : Rejected Cipher Suite(s): Hidden Preferred Cipher Suite: RC4-SHA 128 bits HTTP 302 Found - / Accepted Cipher Suite(s): CAMELLIA256-SHA 256 bits HTTP 302 Found - / AES256-SHA 256 bits HTTP 302 Found - / DES-CBC3-SHA 168 bits HTTP 302 Found - / RC4-SHA 128 bits HTTP 302 Found - / CAMELLIA128-SHA 128 bits HTTP 302 Found - / AES128-SHA 128 bits HTTP 302 Found - / Undefined - An unexpected error happened: None SCAN COMPLETED IN 16.95 S -------------------------