Forum Discussion
jaikumar_f5_226
Nimbostratus
NimbostratusFind SSL/Tls Versions Supported || Script
Hi Folks,
Well I'm in need of some offline tool or some script that could help me complete my analysis on the SSL/TLs protocols that my end servers are supporting.
Currently I have some default s...
jaikumar_f5
Noctilucent
NoctilucentHere's something that I came up with yesterday, I used csv format to separate using comma and the output file looks fast & good too.
Initialize the output file
> Tls_Output.csv
Creating the output file with Headings
echo "Server,SSL3,TLS1,TLS1_1,TLS1_2" >> Tls_Output.csv
Have a serverlist file created with IP:Port details in it
for i in `cat serverlist`;
do
SSL3 Testing
openssl s_client -connect $i -ssl3 < /dev/null
if [ $? -eq 0 ];then
SSL3_state="PASS"
else
SSL3_state="FAIL"
fi
TLS1 Testing
openssl s_client -connect $i -tls1 < /dev/null
if [ $? -eq 0 ];then
TLS1_state="PASS"
else
TLS1_state="FAIL"
fi
Tls1_1 Testing
openssl s_client -connect $i -tls1_1 < /dev/null
if [ $? -eq 0 ];then
TLS1_1_state="PASS"
else
TLS1_1_state="FAIL"
fi
Tls1_2 Testing
openssl s_client -connect $i -tls1_2 < /dev/null
if [ $? -eq 0 ];then
TLS1_2_state="PASS"
else
TLS1_2_state="FAIL"
fi
Display all the SSL results in the output file
echo "$i,$SSL3_state,$TLS1_state,$TLS1_1_state,$TLS1_2_state" >> Tls_Output.csv
done
Drawback:
I could see the openssl command executing in the console. Have to pass this to a variable to run on the background. A bit of tweak should do the work.
Output File:
Edit: The script has been updated, refer the comments to find the latest.
