[openssl-users] regarding ssl_server test

Jeffrey Walton noloader at gmail.com
Sat May 28 02:05:51 UTC 2016


On Thu, May 26, 2016 at 5:51 PM, Jakob Bohm <jb-openssl at wisemo.com> wrote:
> On 26/05/2016 18:33, R-D intern wrote:
>>
>> Hello,
>>           I have implemented ssl for my internal server that listens over
>> a
>> private ip. Can anyone suggest how can I test my ssl_server? For eg.
>> Qualys
>> test shows the amount of ssl implementation of a server listening over
>> public ip  and even checks for vulnerabilities in ssl implementation. How
>> can such a thing be tested for a server listening over private ip?
>> Please help. Awaiting response.
>> Regards,
>> R-D Intern
>>
>
> Indeed, there are many servers that cannot be reached by the
> online configuration tests such as the one run by Qualsys.
>
> What would be really nice would be if one of the good test
> suites could be downloaded and run locally on internal servers,
> non-web servers, staging servers etc. to verify that
> configurations are correct, or at least as good as possible.

That's sslscan (http://sourceforge.net/projects/sslscan/). You need a
modern fork because the original version by Ventura-Whiting and Bowman
has been abandoned. The abandoned version lacks things like TLV 1.2
support and SNI support.

You can find lots of forks of the original sslscan on GitHub:
http://www.google.com/search?q=sslscan+site:github.com

Jeff


More information about the openssl-users mailing list