LinuxPCI

SSL Vulnerability and Problem Test – Online and Command Line

There are many vulnerabilities out there,  and there seems to be no single test for all of them.

When working to correct SSL issues, some of the more comprensive tests, test EVERYTHING,  while this is good,  it can also make it difficult to test the smaller incremental changes that we make as system administrators make

This blog post is a way to collect and keep a resource in one place of links or methods we can use to quickly test individual failures

The big test,  which only takes a minute or so,  but is somewhat bloated for individual tests,  is ssllabs.com.   You will find out most failures here and even get a grade

http://ssllabs.com

But you wont find them all,  and it is difficult to quickly test small changes.  So here are some instant tests.

if you have an SSL Chain issue

openssl s_client -connect example.com:443

to test for CVE-2014-0224, otherwise know n as a CCS Injection vulnerability enter your domain here

http://ccsbug.exposed/

to test for CVE-2014-0160 or Heartbleed test or

http://possible.lv/tools/hb/