Forum Discussion
NimbostratusGetting "server is vulnerable to a BEAST attack" message in SSL checker
NimbostratusHi Boneyard,
We are using Version: 11.4.1 (Edition: Hotfix HF8), Please find below the cipher list:
tmm --clientcipher 'DEFAULT:!SSLv3:!RC4' ID SUITE BITS PROT METHOD CIPHER MAC KEYX 0: 47 AES128-SHA 128 TLS1 Native AES SHA RSA 1: 47 AES128-SHA 128 TLS1.1 Native AES SHA RSA 2: 47 AES128-SHA 128 TLS1.2 Native AES SHA RSA 3: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA 4: 53 AES256-SHA 256 TLS1 Native AES SHA RSA 5: 53 AES256-SHA 256 TLS1.1 Native AES SHA RSA 6: 53 AES256-SHA 256 TLS1.2 Native AES SHA RSA 7: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA 8: 10 DES-CBC3-SHA 192 TLS1 Native DES SHA RSA 9: 10 DES-CBC3-SHA 192 TLS1.1 Native DES SHA RSA 10: 10 DES-CBC3-SHA 192 TLS1.2 Native DES SHA RSA 11: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA 12: 60 AES128-SHA256 128 TLS1.2 Native AES SHA256 RSA 13: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA 14: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1 Native AES SHA ECDHE_RSA 15: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.1 Native AES SHA ECDHE_RSA 16: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 Native AES SHA ECDHE_RSA 17: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA 18: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA 19: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA 20: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1 Native DES SHA ECDHE_RSA 21: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.1 Native DES SHA ECDHE_RSA 22: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.2 Native DES SHA ECDHE_RSA
I am attaching ssllab output below:
Configuration
Protocols TLS 1.2Yes TLS 1.1Yes TLS 1.0Yes SSL 3No SSL 2No
Cipher Suites (SSL 3+ suites in server-preferred order; deprecated and SSL 2 suites at the end) TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)128 TLS_RSA_WITH_AES_256_CBC_SHA (0x35)256 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)112 TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)128 TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp256r1 (eq. 3072 bits RSA) FS128 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp256r1 (eq. 3072 bits RSA) FS256 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012) ECDH secp256r1 (eq. 3072 bits RSA) FS112
Handshake Simulation Android 2.3.7 No SNI 2RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS Android 4.0.4RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS Android 4.1.1RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS Android 4.2.2RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS Android 4.3RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS Android 4.4.2RSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Android 5.0.0RSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Android 6.0RSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Baidu Jan 2015RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS BingPreview Jan 2015RSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Chrome 51 / Win 7 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Firefox 31.3.0 ESR / Win 7RSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Firefox 46 / Win 7 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Firefox 47 / Win 7 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Googlebot Feb 2015RSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS IE 6 / XP No FS 1 No SNI 2Server sent fatal alert: handshake_failure IE 7 / VistaRSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS IE 8 / XP No FS 1 No SNI 2RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_3DES_EDE_CBC_SHA IE 8-10 / Win 7 RRSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS IE 11 / Win 7 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS IE 11 / Win 8.1 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS IE 10 / Win Phone 8.0RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS IE 11 / Win Phone 8.1 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS IE 11 / Win Phone 8.1 Update RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS IE 11 / Win 10 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Edge 13 / Win 10 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Edge 13 / Win Phone 10 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Java 6u45 No SNI 2RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS Java 7u25RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS Java 8u31RSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS OpenSSL 0.9.8yRSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS OpenSSL 1.0.1l RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS OpenSSL 1.0.2e RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Safari 5.1.9 / OS X 10.6.8RSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS Safari 6 / iOS 6.0.1 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Safari 6.0.4 / OS X 10.8.4 RRSA 2048 (SHA256) TLS 1.0TLS_RSA_WITH_AES_128_CBC_SHA No FS Safari 7 / iOS 7.1 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Safari 7 / OS X 10.9 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Safari 8 / iOS 8.4 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Safari 8 / OS X 10.10 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Safari 9 / iOS 9 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Safari 9 / OS X 10.11 RRSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS Apple ATS 9 / iOS 9 RRSA 2048 (SHA256) TLS 1.2TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH secp256r1 FS Yahoo Slurp Jan 2015RSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS YandexBot Jan 2015RSA 2048 (SHA256) TLS 1.2TLS_RSA_WITH_AES_128_CBC_SHA No FS (1) Clients that do not support Forward Secrecy (FS) are excluded when determining support for it. (2) No support for virtual SSL hosting (SNI). Connects to the default site if the server uses SNI. (3) Only first connection attempt simulated. Browsers sometimes retry with a lower protocol version. (R) Denotes a reference browser or client, with which we expect better effective security. (All) We use defaults, but some platforms do not use their best protocols and features (e.g., Java 6 & 7, older IE).
Protocol Details DROWN (experimental)No, server keys and hostname not seen elsewhere with SSLv2 (1) For a better understanding of this test, please read this longer explanation (2) Key usage data kindly provided by the Censys network search engine; original DROWN test here (3) Censys data is only indicative of possible key and certificate reuse; possibly out-of-date and not complete Secure RenegotiationSupported Secure Client-Initiated RenegotiationYes Insecure Client-Initiated RenegotiationNo BEAST attackNot mitigated server-side (more info) TLS 1.0: 0x2f POODLE (SSLv3)No, SSL 3 not supported (more info) POODLE (TLS)Inconclusive (Timeout) (more info) Downgrade attack preventionYes, TLS_FALLBACK_SCSV supported (more info) SSL/TLS compressionNo RC4No Heartbeat (extension)No Heartbleed (vulnerability)No (more info) OpenSSL CCS vuln. (CVE-2014-0224)No (more info) OpenSSL Padding Oracle vuln. (CVE-2016-2107)No (more info) Forward SecrecyWith some browsers (more info) ALPNNo NPNNo Session resumption (caching)Yes Session resumption (tickets)No OCSP staplingNo Strict Transport Security (HSTS)Yes max-age=63072000; includeSubdomains HSTS PreloadingNot in: Chrome Edge Firefox IE Tor Public Key Pinning (HPKP)No Public Key Pinning Report-OnlyNo Long handshake intoleranceNo TLS extension intoleranceNo TLS version intoleranceNo Incorrect SNI alertsNo Uses common DH primesNo, DHE suites not supported DH public server param (Ys) reuseNo, DHE suites not supported SSL 2 handshake compatibilityYes
