testssl.sh hangs at Secure Client-Initiated Renegotiation for OLS 1.4.6 SSL site?

George Liu

Mar 26, 2015, 6:02:01 PM
to openlitespee...@googlegroups.com
Running the testssl.sh tool against my OLS 1.4.6 test SSL https site, it seems to hang when it comes to the Secure Client-Initiated Renegotiation part of the test?

Ideally it should be set as not offered, so where would I configure that in OLS?


#########################################################
testssl v2.3dev  (https://testssl.sh)
($Id: testssl.sh,v 1.214 2015/03/17 21:12:24 dirkw Exp $)

   This program is free software. Redistribution + 
   modification under GPLv2 is permitted. 
   USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

 Note: you can only check the server with what is
 available (ciphers/protocols) locally on your machine!
#########################################################

 Using "OpenSSL 1.0.2-chacha (1.0.2b-dev)" [~177 ciphers] on
 01def0673358:/usr/local/http2-15/bin/openssl
 (built: "reproducible build, date unspecified", platform: "linux-x86_64")

Testing now (2015-03-26 21:56) ---> 198.199.94.9:8099 (h2ohttp2.centminmod.com) <---

 Service detected:       HTTP

--> Testing Protocols 

 SSLv2      offered (NOT ok)  -- 4282 ciphers
 SSLv3      not offered (OK) 
 TLSv1      offered
 TLSv1.1    offered
 TLSv1.2    offered (OK) 
 SPDY/NPN   h2-14, spdy/3.1, spdy/3, spdy/2, http/1.1 (advertised)

--> Testing standard cipher lists 

 Null Cipher              not offered (OK) 
 Anonymous NULL Cipher    not offered (OK) 
 Anonymous DH Cipher      not offered (OK) 
 40 Bit encryption        not offered (OK) 
 56 Bit encryption        not offered (OK) 
 Export Cipher (general)  not offered (OK) 
 Low (<=64 Bit)           not offered (OK) 
 DES Cipher               not offered (OK) 
 Triple DES Cipher        not offered (OK) 
 Medium grade encryption  not offered (OK) 
 High grade encryption    offered (OK) 

--> Testing server preferences 

 Has server cipher order?     yes (OK) 
 Negotiated protocol          TLSv1.2 
 Negotiated cipher            ECDHE-RSA-CHACHA20-POLY1305 
 Negotiated cipher per proto 
     ECDHE-RSA-AES128-SHA:          TLSv1, TLSv1.1
     ECDHE-RSA-CHACHA20-POLY1305:   TLSv1.2, spdy/3.1

--> Testing server defaults (Server Hello) 

 TLS server extensions        renegotiation info, EC point formats, session ticket, status request, heartbeat
 Session Tickets RFC 5077     300 seconds
 Server key size              2048 bit
 Signature Algorithm          SHA256withRSA 
 Fingerprint / Serial         SHA1 8CCB5CAA6066F2321A6FE8ED37920B7687CFBE39 / 623CBC1C62FD9C08BD83C9F033B009C8
                              SHA256 F9B041F7F6ACB1503FB68592B7F0B972D47683402DA2A5D30BAFCF9B70405E88
 Common Name (CN)             *.centminmod.com (works w/o SNI)
 subjectAltName (SAN)         *.centminmod.com centminmod.com
 Issuer                       COMODO RSA Domain Validation Secure Server CA ('COMODO CA Limited' from 'GB')
 Certificate Expiration       >= 60 days  (2014-08-14 00:00 --> 2017-08-13 23:59 +0000)
 # of certificates provided   3
 OCSP URI                     http://ocsp.comodoca.com
 OCSP stapling                OCSP stapling offered 

--> Testing HTTP Header response 

failed (HTTP header request stalled) 
 HPKP          --
 Server        no "Server" line in header, interesting!
 Application   (no banner at "/flags.html")
 Cookie(s)     (none issued at "/flags.html")

--> Testing specific vulnerabilities 

 Heartbleed (CVE-2014-0160)                not vulnerable (OK) (timed out)
 CCS  (CVE-2014-0224), experimental        not vulnerable (OK) 
 Secure Client-Initiated Renegotiation     ^C

George Liu

Mar 26, 2015, 6:02:52 PM
to openlitespee...@googlegroups.com
Also why is SSLv2 still offered when I have !SSLv2 set?

SSLv2      offered (NOT ok)  -- 4282 ciphers

George Wang

Mar 27, 2015, 9:51:42 AM
to openlitespee...@googlegroups.com
Hi George,

SSLv2 was completely disabled; maybe it still appears in the cipher list,
but none of them can be used.
I do not know why it shows up. Maybe our default cipher list did not do
that.
When you set the cipher list, make sure it does not start with "ALL",
"SSLv3:", "TLSv1:", otherwise the server will override it to the built-in
default,

"EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 "
"EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 "
"EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW "
"!3DES !MD5 !SSLv2 !EXP !PSK !SRP "
"!DSSTLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:"

The "!SSLv2" was added in our latest code; you can try this cipher list and
see if SSLv2 ciphers have been taken care of.

The hanging issue of client-initiated renegotiation needs to be
investigated more.

Thanks,
George Wang

George Liu

Mar 28, 2015, 2:44:39 AM
to openlitespee...@googlegroups.com
I am using this cipher preference for Nginx SPDY/3.1, OpenLiteSpeed 1.4.6 and h2o HTTP/2 server. All use the same cipher preference, but only OLS 1.4.6 gives a different testssl result.

This is for OpenLiteSpeed 1.4.6 below. Nginx and h2o disable SSLv2 and SSLv3 at the SSL protocol level and not in the preference settings in config files. Maybe testssl is looking at the protocol level for SSLv2?

ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!SSLv2:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA:!DES-CBC3-SHA

For Nginx SPDY/3.1


#########################################################
testssl v2.3dev  (https://testssl.sh)
($Id: testssl.sh,v 1.214 2015/03/17 21:12:24 dirkw Exp $)

   This program is free software. Redistribution +
   modification under GPLv2 is permitted.
   USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

Note: you can only check the server with what is
available (ciphers/protocols) locally on your machine!
#########################################################

Using "OpenSSL 1.0.2-chacha (1.0.2b-dev)" [~177 ciphers] on
01def0673358:/usr/local/http2-15/bin/openssl
(built: "reproducible build, date unspecified", platform: "linux-x86_64")

Testing now (2015-03-26 21:50) ---> 198.199.94.9:443 (h2ohttp2.centminmod.com) <---

Service detected:       HTTP

--> Testing Protocols

SSLv2      not offered (OK)
SSLv3      not offered (OK)
TLSv1      offered
TLSv1.1    offered
TLSv1.2    offered (OK)
SPDY/NPN   spdy/3.1, http/1.1 (advertised)

--> Testing standard cipher lists

Null Cipher              not offered (OK)
Anonymous NULL Cipher    not offered (OK)
Anonymous DH Cipher      not offered (OK)
40 Bit encryption        not offered (OK)
56 Bit encryption        not offered (OK)
Export Cipher (general)  not offered (OK)
Low (<=64 Bit)           not offered (OK)
DES Cipher               not offered (OK)
Triple DES Cipher        not offered (OK)
Medium grade encryption  not offered (OK)
High grade encryption    offered (OK)

--> Testing server preferences

Has server cipher order?     yes (OK)
Negotiated protocol          TLSv1.2
Negotiated cipher            ECDHE-RSA-CHACHA20-POLY1305
Negotiated cipher per proto
     ECDHE-RSA-AES128-SHA:          TLSv1, TLSv1.1
     ECDHE-RSA-CHACHA20-POLY1305:   TLSv1.2, spdy/3.1

--> Testing server defaults (Server Hello)

TLS server extensions        server name, renegotiation info, EC point formats, session ticket, status request, heartbeat
Session Tickets RFC 5077     43200 seconds
Server key size              2048 bit
Signature Algorithm          SHA256withRSA
Fingerprint / Serial         SHA1 8CCB5CAA6066F2321A6FE8ED37920B7687CFBE39 / 623CBC1C62FD9C08BD83C9F033B009C8
                              SHA256 F9B041F7F6ACB1503FB68592B7F0B972D47683402DA2A5D30BAFCF9B70405E88
Common Name (CN)             *.centminmod.com (works w/o SNI)
subjectAltName (SAN)         *.centminmod.com centminmod.com
Issuer                       COMODO RSA Domain Validation Secure Server CA ('COMODO CA Limited' from 'GB')
Certificate Expiration       >= 60 days  (2014-08-14 00:00 --> 2017-08-13 23:59 +0000)
# of certificates provided   3
OCSP URI                     http://ocsp.comodoca.com
OCSP stapling                OCSP stapling offered

--> Testing HTTP Header response

HSTS          --
HPKP          --
Server        nginx centminmod
Application   (no banner at "/flags.html")
Cookie(s)     (none issued at "/flags.html")

--> Testing specific vulnerabilities

Heartbleed (CVE-2014-0160)                not vulnerable (OK)
CCS  (CVE-2014-0224), experimental        not vulnerable (OK)
Secure Client-Initiated Renegotiation     not vulnerable (OK)
Renegotiation (CVE 2009-3555)             not vulnerable (OK)
CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
BREACH (CVE-2013-3587) =HTTP Compression  NOT ok: uses gzip compression  (only "/flags.html" tested)
POODLE, SSL (CVE-2014-3566), experimental not vulnerable (OK)
FREAK  (CVE-2015-0204), experimental      not vulnerable (OK)
BEAST (CVE-2011-3389)                     no CBC ciphers for TLS1 (OK)

--> Checking RC4 Ciphers

no RC4 ciphers detected (OK)

--> Testing (Perfect) Forward Secrecy  (P)FS)  -- omitting 3DES, RC4 and Null Encryption here

OK: PFS is offered.  Client/browser support is important here. Offered PFS server ciphers follow...

Hexcode  Cipher Suite Name (OpenSSL)    KeyExch.   Encryption Bits
-------------------------------------------------------------------------
xc030   ECDHE-RSA-AES256-GCM-SHA384    ECDH       AESGCM     256       
x9f     DHE-RSA-AES256-GCM-SHA384      DH         AESGCM     256       
x6b     DHE-RSA-AES256-SHA256          DH         AES        256       
x39     DHE-RSA-AES256-SHA             DH         AES        256       
xcc13   ECDHE-RSA-CHACHA20-POLY1305    ECDH       ChaCha20   256       
xc014   ECDHE-RSA-AES256-SHA           ECDH       AES        256       
xc02f   ECDHE-RSA-AES128-GCM-SHA256    ECDH       AESGCM     128       
xc027   ECDHE-RSA-AES128-SHA256        ECDH       AES        128       
x9e     DHE-RSA-AES128-GCM-SHA256      DH         AESGCM     128       
x67     DHE-RSA-AES128-SHA256          DH         AES        128       
x33     DHE-RSA-AES128-SHA             DH         AES        128       
xc013   ECDHE-RSA-AES128-SHA           ECDH       AES        128  

For h2o HTTP/2


#########################################################
testssl v2.3dev  (https://testssl.sh)
($Id: testssl.sh,v 1.214 2015/03/17 21:12:24 dirkw Exp $)

   This program is free software. Redistribution +
   modification under GPLv2 is permitted.
   USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

Note: you can only check the server with what is
available (ciphers/protocols) locally on your machine!
#########################################################

Using "OpenSSL 1.0.2-chacha (1.0.2b-dev)" [~177 ciphers] on
01def0673358:/usr/local/http2-15/bin/openssl
(built: "reproducible build, date unspecified", platform: "linux-x86_64")

Testing now (2015-03-27 01:32) ---> 198.199.94.9:8081 (h2ohttp2.centminmod.com) <---

Service detected:       HTTP

--> Testing Protocols

SSLv2      not offered (OK)
SSLv3      not offered (OK)
TLSv1      offered
TLSv1.1    offered
TLSv1.2    offered (OK)
SPDY/NPN   please check manually, response from server was ambigious ...

--> Testing standard cipher lists

Null Cipher              not offered (OK)
Anonymous NULL Cipher    not offered (OK)
Anonymous DH Cipher      not offered (OK)
40 Bit encryption        not offered (OK)
56 Bit encryption        not offered (OK)
Export Cipher (general)  not offered (OK)
Low (<=64 Bit)           not offered (OK)
DES Cipher               not offered (OK)
Triple DES Cipher        not offered (OK)
Medium grade encryption  not offered (OK)
High grade encryption    offered (OK)

--> Testing server preferences

Has server cipher order?     yes (OK)
Negotiated protocol          TLSv1.2
Negotiated cipher            ECDHE-RSA-CHACHA20-POLY1305
Negotiated cipher per proto
     ECDHE-RSA-AES128-SHA:          TLSv1, TLSv1.1
     ECDHE-RSA-CHACHA20-POLY1305:   TLSv1.2, spdy/4a2

--> Testing server defaults (Server Hello)

TLS server extensions        renegotiation info, EC point formats, session ticket, status request
Session Tickets RFC 5077     300 seconds
Server key size              2048 bit
Signature Algorithm          SHA256withRSA
Fingerprint / Serial         SHA1 8CCB5CAA6066F2321A6FE8ED37920B7687CFBE39 / 623CBC1C62FD9C08BD83C9F033B009C8
                              SHA256 F9B041F7F6ACB1503FB68592B7F0B972D47683402DA2A5D30BAFCF9B70405E88
Common Name (CN)             *.centminmod.com (works w/o SNI)
subjectAltName (SAN)         *.centminmod.com centminmod.com
Issuer                       COMODO RSA Domain Validation Secure Server CA ('COMODO CA Limited' from 'GB')
Certificate Expiration       >= 60 days  (2014-08-14 00:00 --> 2017-08-13 23:59 +0000)
# of certificates provided   3
OCSP URI                     http://ocsp.comodoca.com
OCSP stapling                OCSP stapling offered

--> Testing HTTP Header response

HSTS          --
HPKP          --
Server        h2o/1.1.2-alpha1
Application   (no banner at "/flags.html")
Cookie(s)     (none issued at "/flags.html")

--> Testing specific vulnerabilities

Heartbleed (CVE-2014-0160)                not vulnerable (OK)
CCS  (CVE-2014-0224), experimental        not vulnerable (OK)
Secure Client-Initiated Renegotiation     not vulnerable (OK)
Renegotiation (CVE 2009-3555)             not vulnerable (OK)
CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
BREACH (CVE-2013-3587) =HTTP Compression  no HTTP compression (OK)  (only "/flags.html" tested)
POODLE, SSL (CVE-2014-3566), experimental not vulnerable (OK)
FREAK  (CVE-2015-0204), experimental      not vulnerable (OK)
BEAST (CVE-2011-3389)                     no CBC ciphers for TLS1 (OK)

--> Checking RC4 Ciphers

no RC4 ciphers detected (OK)

--> Testing (Perfect) Forward Secrecy  (P)FS)  -- omitting 3DES, RC4 and Null Encryption here

OK: PFS is offered.  Client/browser support is important here. Offered PFS server ciphers follow...

Hexcode  Cipher Suite Name (OpenSSL)    KeyExch.   Encryption Bits
-------------------------------------------------------------------------
xc030   ECDHE-RSA-AES256-GCM-SHA384    ECDH       AESGCM     256         
x9f     DHE-RSA-AES256-GCM-SHA384      DH         AESGCM     256         
x6b     DHE-RSA-AES256-SHA256          DH         AES        256         
x39     DHE-RSA-AES256-SHA             DH         AES        256         
xcc13   ECDHE-RSA-CHACHA20-POLY1305    ECDH       ChaCha20   256         
xc014   ECDHE-RSA-AES256-SHA           ECDH       AES        256         
xc02f   ECDHE-RSA-AES128-GCM-SHA256    ECDH       AESGCM     128         
xc027   ECDHE-RSA-AES128-SHA256        ECDH       AES        128         
x9e     DHE-RSA-AES128-GCM-SHA256      DH         AESGCM     128         
x67     DHE-RSA-AES128-SHA256          DH         AES        128         
x33     DHE-RSA-AES128-SHA             DH         AES        128         
xc013   ECDHE-RSA-AES128-SHA           ECDH       AES        128       


cipherscan shows all 3 (Nginx SPDY/3.1, OLS 1.4.6 and h2o) with the same preferences though

##############
Nginx SPDY/3.1

cipherscan h2ohttp2.centminmod.com:443              
....................

prio  ciphersuite                  protocols              pubkey_size  signature_algorithm      trusted  ticket_hint  ocsp_staple  pfs_keysize
1     ECDHE-RSA-CHACHA20-POLY1305  TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True         ECDH,P-256,256bits
2     ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True         ECDH,P-256,256bits
3     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True         ECDH,P-256,256bits
4     DHE-RSA-AES128-GCM-SHA256    TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True         DH,4096bits
5     DHE-RSA-AES256-GCM-SHA384    TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True         DH,4096bits
6     ECDHE-RSA-AES128-SHA256      TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True         ECDH,P-256,256bits
7     ECDHE-RSA-AES128-SHA         TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     43200        True         ECDH,P-256,256bits
8     ECDHE-RSA-AES256-SHA384      TLSv1.2                2048         sha256WithRSAEncryption  True     None         True         ECDH,P-256,256bits
9     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     43200        True         ECDH,P-256,256bits
10    DHE-RSA-AES128-SHA256        TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True         DH,4096bits
11    DHE-RSA-AES128-SHA           TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     43200        True         DH,4096bits
12    DHE-RSA-AES256-SHA256        TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True         DH,4096bits
13    DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     43200        True         DH,4096bits
14    AES128-GCM-SHA256            TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True
15    AES256-GCM-SHA384            TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True
16    AES128-SHA256                TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True
17    AES256-SHA256                TLSv1.2                2048         sha256WithRSAEncryption  True     43200        True
18    AES128-SHA                   TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     43200        True
19    AES256-SHA                   TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     43200        True

OCSP stapling: supported
Server side cipher ordering

##############
h2o HTTP/2

....................

prio  ciphersuite                  protocols              pubkey_size  signature_algorithm      trusted  ticket_hint  ocsp_staple  pfs_keysize
1     ECDHE-RSA-CHACHA20-POLY1305  TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
2     ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
3     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
4     DHE-RSA-AES128-GCM-SHA256    TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         DH,4096bits
5     DHE-RSA-AES256-GCM-SHA384    TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         DH,4096bits
6     ECDHE-RSA-AES128-SHA256      TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
7     ECDHE-RSA-AES128-SHA         TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
8     ECDHE-RSA-AES256-SHA384      TLSv1.2                2048         sha256WithRSAEncryption  True     None         True         ECDH,P-256,256bits
9     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
10    DHE-RSA-AES128-SHA256        TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         DH,4096bits
11    DHE-RSA-AES128-SHA           TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True         DH,4096bits
12    DHE-RSA-AES256-SHA256        TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         DH,4096bits
13    DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True         DH,4096bits
14    AES128-GCM-SHA256            TLSv1.2                2048         sha256WithRSAEncryption  True     300          True
15    AES256-GCM-SHA384            TLSv1.2                2048         sha256WithRSAEncryption  True     300          True
16    AES128-SHA256                TLSv1.2                2048         sha256WithRSAEncryption  True     300          True
17    AES256-SHA256                TLSv1.2                2048         sha256WithRSAEncryption  True     300          True
18    AES128-SHA                   TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True
19    AES256-SHA                   TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True

OCSP stapling: supported
Server side cipher ordering
 
##############
OLS 1.4.6

....................

prio  ciphersuite                  protocols              pubkey_size  signature_algorithm      trusted  ticket_hint  ocsp_staple  pfs_keysize
1     ECDHE-RSA-CHACHA20-POLY1305  TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
2     ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
3     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
4     DHE-RSA-AES128-GCM-SHA256    TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         DH,1024bits
5     DHE-RSA-AES256-GCM-SHA384    TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         DH,1024bits
6     ECDHE-RSA-AES128-SHA256      TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
7     ECDHE-RSA-AES128-SHA         TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
8     ECDHE-RSA-AES256-SHA384      TLSv1.2                2048         sha256WithRSAEncryption  True     None         True         ECDH,P-256,256bits
9     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True         ECDH,P-256,256bits
10    DHE-RSA-AES128-SHA256        TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         DH,1024bits
11    DHE-RSA-AES128-SHA           TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True         DH,1024bits
12    DHE-RSA-AES256-SHA256        TLSv1.2                2048         sha256WithRSAEncryption  True     300          True         DH,1024bits
13    DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True         DH,1024bits
14    AES128-GCM-SHA256            TLSv1.2                2048         sha256WithRSAEncryption  True     300          True
15    AES256-GCM-SHA384            TLSv1.2                2048         sha256WithRSAEncryption  True     300          True
16    AES128-SHA256                TLSv1.2                2048         sha256WithRSAEncryption  True     300          True
17    AES256-SHA256                TLSv1.2                2048         sha256WithRSAEncryption  True     300          True
18    AES128-SHA                   TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True
19    AES256-SHA                   TLSv1,TLSv1.1,TLSv1.2  2048         sha256WithRSAEncryption  True     300          True

OCSP stapling: supported
Server side cipher ordering

George Liu

Mar 28, 2015, 3:00:08 AM
to openlitespee...@googlegroups.com
Looks like it does complete, but it took around 10 minutes to return the full test!

--> Testing specific vulnerabilities 

 Heartbleed (CVE-2014-0160)                not vulnerable (OK) (timed out)
 CCS  (CVE-2014-0224), experimental        not vulnerable (OK) 
 Secure Client-Initiated Renegotiation     not vulnerable (OK) 
 Renegotiation (CVE 2009-3555)             not vulnerable (OK) 
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK) 
 BREACH (CVE-2013-3587) =HTTP Compression  failed (HTTP header request stalled) 
 POODLE, SSL (CVE-2014-3566), experimental not vulnerable (OK) 
 FREAK  (CVE-2015-0204), experimental      not vulnerable (OK) 
 BEAST (CVE-2011-3389)                     no CBC ciphers for TLS1 (OK) 

--> Checking RC4 Ciphers 

no RC4 ciphers detected (OK) 

--> Testing (Perfect) Forward Secrecy  (P)FS)  -- omitting 3DES, RC4 and Null Encryption here

OK: PFS is offered.  Client/browser support is important here. Offered PFS server ciphers follow... 

Hexcode  Cipher Suite Name (OpenSSL)    KeyExch.   Encryption Bits
-------------------------------------------------------------------------
 xc030   ECDHE-RSA-AES256-GCM-SHA384    ECDH       AESGCM     256          
 x9f     DHE-RSA-AES256-GCM-SHA384      DH         AESGCM     256          
 x6b     DHE-RSA-AES256-SHA256          DH         AES        256          
 x39     DHE-RSA-AES256-SHA             DH         AES        256          
 xcc13   ECDHE-RSA-CHACHA20-POLY1305    ECDH       ChaCha20   256          
 xc014   ECDHE-RSA-AES256-SHA           ECDH       AES        256          
 xc02f   ECDHE-RSA-AES128-GCM-SHA256    ECDH       AESGCM     128          
 xc027   ECDHE-RSA-AES128-SHA256        ECDH       AES        128          
 x9e     DHE-RSA-AES128-GCM-SHA256      DH         AESGCM     128          
 x67     DHE-RSA-AES128-SHA256          DH         AES        128          
 x33     DHE-RSA-AES128-SHA             DH         AES        128          
 xc013   ECDHE-RSA-AES128-SHA           ECDH       AES        128          


real    10m47.814s
user    0m3.451s
sys     0m5.258s

dirk wetter

Apr 22, 2015, 6:07:23 AM
to openlitespee...@googlegroups.com


On Thursday, March 26, 2015 at 11:02:52 PM UTC+1, George Liu wrote:
> Also why is SSLv2 still offered when I have !SSLv2 set?
>
> SSLv2      offered (NOT ok)  -- 4282 ciphers

 
OLS answers with plain HTTP after sending an SSLv2 client hello. This is kind of unexpected to testssl and will be fixed soon. See https://github.com/drwetter/testssl.sh/issues/83. Check "DEBUG=5 testssl.sh -p https://h2ohttp2.centminmod.com:8099/flags.html" and the output with "xxd /tmp/ssltester.<XXX>sslv2_sockets.dd"

For OLS in the meantime it's better to use either "testssl.sh --ssl-native" or "SSL_NATIVE=0 testssl.sh"

Feel free for this and other issues to comment/open a bug at github.

Cheers Dirk
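
The false positive described in the post above (a server answering an SSLv2 ClientHello with plain HTTP), shown as an added example that is not part of the original thread and is not testssl.sh code. It validates a reply as an SSLv2 SERVER-HELLO before counting cipher specs; the function names and sample bytes are constructed, and it assumes a 2-byte SSLv2 record header with the whole reply read into one buffer.

```python
import struct

SSL2_MT_SERVER_HELLO = 0x04   # SSLv2 message type: SERVER-HELLO
SSL2_VERSION = 0x0002         # version field carried in an SSLv2 SERVER-HELLO
FIXED_FIELDS = 11             # type, sid-hit, cert-type, version, three lengths


def parse_sslv2_server_hello(data):
    """Return the cipher-spec count if data is a well-formed SSLv2
    SERVER-HELLO, otherwise None."""
    # A 2-byte SSLv2 record header has the most significant bit set.
    if len(data) < 2 + FIXED_FIELDS or not data[0] & 0x80:
        return None
    rec_len = ((data[0] & 0x7F) << 8) | data[1]
    body = data[2:2 + rec_len]
    if rec_len < FIXED_FIELDS or len(body) != rec_len:
        return None
    (msg_type, _sid_hit, _cert_type, version,
     cert_len, specs_len, conn_id_len) = struct.unpack(">BBBHHHH", body[:FIXED_FIELDS])
    if msg_type != SSL2_MT_SERVER_HELLO or version != SSL2_VERSION:
        return None
    # Each SSLv2 cipher spec is 3 bytes, and the three variable-length
    # fields must account for every remaining byte of the record.
    if specs_len % 3 or FIXED_FIELDS + cert_len + specs_len + conn_id_len != rec_len:
        return None
    return specs_len // 3


def naive_cipher_count(data):
    """What a parser that trusts fixed offsets reports: it reads the
    cipher-specs-length field (bytes 9..10) without validating anything."""
    return struct.unpack(">H", data[9:11])[0] // 3


def classify_reply(data):
    """Classify the first bytes a server sends back after an SSLv2 ClientHello."""
    if not data:
        return "no_reply"
    if data.startswith(b"HTTP/"):
        return "plain_http"            # the case described in the thread
    if len(data) >= 2 and data[0] == 0x15 and data[1] == 0x03:
        return "tls_alert"             # TLS/SSLv3 alert record
    if parse_sslv2_server_hello(data) is not None:
        return "sslv2_server_hello"
    return "unknown"


def build_server_hello(n_ciphers):
    """Constructed SERVER-HELLO for the demo (placeholder certificate bytes)."""
    cert = b"\x30\x82" + b"\x00" * 6           # not a real certificate
    specs = b"\x07\x00\xc0" * n_ciphers         # constructed 3-byte cipher specs
    conn_id = b"\xaa" * 16
    body = struct.pack(">BBBHHHH", SSL2_MT_SERVER_HELLO, 0, 1, SSL2_VERSION,
                       len(cert), len(specs), len(conn_id)) + cert + specs + conn_id
    return struct.pack(">H", 0x8000 | len(body)) + body


# Constructed sample replies, not captured from any server.
SAMPLE_HTTP = b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\n\r\n"
SAMPLE_ALERT = b"\x15\x03\x01\x00\x02\x02\x28"

if __name__ == "__main__":
    for name, reply in [("http", SAMPLE_HTTP), ("alert", SAMPLE_ALERT),
                        ("sslv2", build_server_hello(2)), ("empty", b"")]:
        print(f"{name:6} -> {classify_reply(reply)}")
    # ASCII bytes read as a length field give a large, meaningless count.
    print("naive count on HTTP reply:", naive_cipher_count(SAMPLE_HTTP))
    print("validated count on HTTP reply:", parse_sslv2_server_hello(SAMPLE_HTTP))
```

A reply classified as `plain_http` means the protocol result should be re-checked with another client before treating SSLv2 as enabled.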

dirk wetter

Apr 22, 2015, 11:15:04 AM
to openlitespee...@googlegroups.com
BTW: That has been fixed now.

Cheers, Dirk 