On Tue, Mar 10, 2020 at 9:56 PM Kaushal Shriyan <kaushalshri...@gmail.com>
wrote:

> Hi,
>
> I have run the below tests
>
> ./testssl.sh gsmasslciphers.digitalapicraft.com
>> ###########################################################
>>     testssl.sh       3.1dev from https://testssl.sh/dev/
>>     (e0c83b2 2020-02-24 14:21:28 -- )
>>       This program is free software. Distribution and
>>              modification under GPLv2 permitted.
>>       USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
>>        Please file bugs @ https://testssl.sh/bugs/
>> ###########################################################
>>  Using "OpenSSL 1.0.2-chacha (1.0.2k-dev)" [~183 ciphers]
>>  on Kaushals-MacBook-Pro:./bin/openssl.Darwin.x86_64
>>  (built: "Feb 22 09:55:43 2019", platform: "darwin64-x86_64-cc")
>>
>>  Start 2020-03-10 21:50:25        -->> 13.234.216.57:443 (
>> gsmasslciphers.digitalapicraft.com) <<--
>>  rDNS (13.234.216.57):   --
>>  Service detected:       HTTP
>>
>>  Testing protocols via sockets except NPN+ALPN
>>  SSLv2      not offered (OK)
>>  SSLv3      not offered (OK)
>>  TLS 1      not offered
>>  TLS 1.1    not offered
>>  TLS 1.2    offered (OK)
>>  TLS 1.3    not offered and downgraded to a weaker protocol
>>  NPN/SPDY   h2, http/1.1 (advertised)
>>  ALPN/HTTP2 h2, http/1.1 (offered)
>>  Testing cipher categories
>>  NULL ciphers (no encryption)                  not offered (OK)
>>  Anonymous NULL Ciphers (no authentication)    not offered (OK)
>>  Export ciphers (w/o ADH+NULL)                 not offered (OK)
>>  LOW: 64 Bit + DES, RC[2,4] (w/o export)       not offered (OK)
>>  Triple DES Ciphers / IDEA                     not offered
>>  Obsolete: SEED + 128+256 Bit CBC cipher       not offered
>>  Strong encryption (AEAD ciphers)              offered (OK)
>>
>>  Testing robust (perfect) forward secrecy, (P)FS -- omitting Null
>> Authentication/Encryption, 3DES, RC4
>>  PFS is offered (OK)          ECDHE-RSA-AES256-GCM-SHA384
>> ECDHE-RSA-AES128-GCM-SHA256
>>  Elliptic curves offered:     secp256k1 prime256v1 secp384r1 secp521r1
>>
>>  Testing server preferences
>>  Has server cipher order?     no (NOT ok)
>>  Negotiated protocol          TLSv1.2
>>  Negotiated cipher            ECDHE-RSA-AES128-GCM-SHA256, 521 bit ECDH
>> (P-521) -- inconclusive test, matching cipher in list missing, better see
>> below
>>  Negotiated cipher per proto  (matching cipher in list missing)
>>      ECDHE-RSA-AES256-GCM-SHA384:   TLSv1.2
>>  No further cipher order check has been done as order is determined by
>> the client
>>
>>  Testing server defaults (Server Hello)
>>  TLS extensions (standard)    "server name/#0" "renegotiation
>> info/#65281" "EC point formats/#11" "session ticket/#35" "heartbeat/#15"
>> "next protocol/#13172" "application layer protocol negotiation/#16"
>>  Session Ticket RFC 5077 hint 86400 seconds, session tickets keys seems
>> to be rotated < daily
>>  SSL Session ID support       yes
>>  Session Resumption           Tickets: yes, ID: yes
>>  TLS clock skew               Random values, no fingerprinting possible
>>  Signature Algorithm          SHA256 with RSA
>>  Server key size              RSA 2048 bits
>>  Server key usage             Digital Signature, Key Encipherment
>>  Server extended key usage    TLS Web Server Authentication, TLS Web
>> Client Authentication
>>  Serial / Fingerprints        03C871BF68E569B4330E4AFCFA7752AAB5D7 / SHA1
>> 8874D965CB96F4A4B8B4CCAE149B6F1999399BF8
>>                               SHA256
>> BB56659442E2ED18778F7BB210823F3A81DA88F3AF79D0EE2104CE82DBB03C65
>>  Common Name (CN)             gsmasslciphers.digitalapicraft.com
>>  subjectAltName (SAN)         gsmasslciphers.digitalapicraft.com
>>  Issuer                       Let's Encrypt Authority X3 (Let's Encrypt
>> from US)
>>  Trust (hostname)             Ok via SAN (same w/o SNI)
>>  Chain of trust               Ok
>>  EV cert (experimental)       no
>>  ETS/"eTLS", visibility info  not present
>>  Certificate Validity (UTC)   89 >= 30 days (2020-03-10 09:40 -->
>> 2020-06-08 09:40)
>>  # of certificates provided   2
>>  Certificate Revocation List  --
>>  OCSP URI                     http://ocsp.int-x3.letsencrypt.org
>>  OCSP stapling                not offered
>>  OCSP must staple extension   --
>>  DNS CAA RR (experimental)    not offered
>>  Certificate Transparency     yes (certificate extension)
>>
>>  Testing HTTP header response @ "/"
>>  HTTP Status Code             200 OK
>>  HTTP clock skew              0 sec from localtime
>>  Strict Transport Security    730 days=63072000 s, just this domain
>>  Public Key Pinning           --
>>  Server banner                nginx/1.16.1
>>  Application banner           --
>>  Cookie(s)                    (none issued at "/")
>>  Security headers             --
>>  Reverse Proxy banner         --
>>
>>  Testing vulnerabilities
>>  Heartbleed (CVE-2014-0160)                not vulnerable (OK), timed out
>>  CCS (CVE-2014-0224)                       not vulnerable (OK)
>>  Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK)
>>  ROBOT                                     Server does not support any
>> cipher suites that use RSA key transport
>>  Secure Renegotiation (RFC 5746)           supported (OK)
>>  Secure Client-Initiated Renegotiation     not vulnerable (OK)
>>  CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
>>  BREACH (CVE-2013-3587)                    no HTTP compression (OK)  -
>> only supplied "/" tested
>>  POODLE, SSL (CVE-2014-3566)               not vulnerable (OK), no SSLv3
>> support
>>  TLS_FALLBACK_SCSV (RFC 7507)              No fallback possible (OK), no
>> protocol below TLS 1.2 offered
>>  SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
>>  FREAK (CVE-2015-0204)                     not vulnerable (OK)
>>  DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host
>> and port (OK)
>>                                            make sure you don't use this
>> certificate elsewhere with SSLv2 enabled services
>>
>> https://censys.io/ipv4?q=BB56659442E2ED18778F7BB210823F3A81DA88F3AF79D0EE2104CE82DBB03C65
>> could help you to find out
>>  LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH
>> EXPORT ciphers, no DH key detected with <= TLS 1.2
>>  BEAST (CVE-2011-3389)                     not vulnerable (OK), no SSL3
>> or TLS1
>>  LUCKY13 (CVE-2013-0169), experimental     not vulnerable (OK)
>>  RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)
>>
>>  Testing 370 ciphers via OpenSSL plus sockets against the server, ordered
>> by encryption strength
>> Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits
>>   Cipher Suite Name (IANA/RFC)
>>
>> -----------------------------------------------------------------------------------------------------------------------------
>>  xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 521   AESGCM      256
>>  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
>>  xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 521   AESGCM      128
>>  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>>
>>  Running client simulations (HTTP) via sockets
>>  Android 4.4.2                TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 521
>> bit ECDH (P-521)
>>  Android 5.0.0                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 521
>> bit ECDH (P-521)
>>  Android 6.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Android 7.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Android 8.1 (native)         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Android 9.0 (native)         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Android 10.0 (native)        TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Chrome 74 (Win 10)           TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Chrome 79 (Win 10)           TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Firefox 66 (Win 8.1/10)      TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Firefox 71 (Win 10)          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  IE 6 XP                      No connection
>>  IE 8 Win 7                   No connection
>>  IE 8 XP                      No connection
>>  IE 11 Win 7                  No connection
>>  IE 11 Win 8.1                No connection
>>  IE 11 Win Phone 8.1          No connection
>>  IE 11 Win 10                 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Edge 15 Win 10               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Edge 17 (Win 10)             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Opera 66 (Win 10)            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Safari 9 iOS 9               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Safari 9 OS X 10.11          TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Safari 10 OS X 10.12         TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Safari 12.1 (iOS 12.2)       TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Safari 13.0 (macOS 10.14.6)  TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Apple ATS 9 iOS 9            TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Java 6u45                    No connection
>>  Java 7u25                    No connection
>>  Java 8u161                   TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Java 11.0.2 (OpenJDK)        TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Java 12.0.1 (OpenJDK)        TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  OpenSSL 1.0.2e               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  OpenSSL 1.1.0l (Debian)      TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  OpenSSL 1.1.1d (Debian)      TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256
>> bit ECDH (P-256)
>>  Thunderbird (68.3)           TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256
>> bit ECDH (P-256)
>>  Done 2020-03-10 21:52:13 [0130s] -->> 13.234.216.57:443 (
>> gsmasslciphers.digitalapicraft.com) <<--
>
>
>
> I am not sure about the below explanation as seen in the above output.
>
> Testing server preferences
>>  Has server cipher order?     no (NOT ok)
>>  Negotiated protocol          TLSv1.2
>>  Negotiated cipher            ECDHE-RSA-AES128-GCM-SHA256, 521 bit ECDH
>> (P-521) -- inconclusive test, matching cipher in list missing, better see
>> below
>>  Negotiated cipher per proto  (matching cipher in list missing)
>>      ECDHE-RSA-AES256-GCM-SHA384:   TLSv1.2
>>  No further cipher order check has been done as order is determined by
>> the client
>
>
> I would appreciate it if someone could help me understand it. Does it mean
> there is some issue? Thanks in advance and I look forward to hearing from you.
>
> Best Regards,
>
> Kaushal
>
>

Hi,

Checking in again if someone can pitch in for my earlier post to this
mailing list. Thanks in advance and I look forward to hearing from you.

Best Regards,

Kaushal
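The "Has server cipher order? no (NOT ok)" finding quoted above means the server does not impose its own preference: it takes whichever of its suites the client lists first, which is consistent with the client-simulation rows where Chrome and Firefox end up on AES128-GCM while Safari and Java end up on AES256-GCM. The added example below (not part of testssl.sh or of the mail) models both selection rules. SERVER_SUITES is the pair the scan reported; SERVER_WITH_CBC and all client lists are constructed to show why client-determined order is flagged.

```python
# Added example, not part of testssl.sh or of the original mail: models how a
# TLS 1.2 server picks a cipher suite with and without server-side ordering.
# SERVER_SUITES is the list testssl.sh reported for the host; every other list
# below is constructed for the illustration.

SERVER_SUITES = [
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES128-GCM-SHA256",
]

# Constructed: the same server if it additionally accepted a non-AEAD CBC suite.
SERVER_WITH_CBC = SERVER_SUITES + ["AES128-SHA"]

# Constructed client hellos (suites in the client's order of preference).
CLIENTS = {
    "aes128-first": ["ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-GCM-SHA384"],
    "aes256-first": ["ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-AES128-GCM-SHA256"],
    "cbc-first":    ["AES128-SHA", "ECDHE-RSA-AES256-GCM-SHA384"],
    "legacy-only":  ["DES-CBC3-SHA", "RC4-SHA"],
}


def select_cipher(server_suites, client_suites, prefer_server):
    """Return the suite the server negotiates, or None if there is no overlap.

    prefer_server=True: walk the server's list and take the first suite the
    client also offers (what "Has server cipher order? yes" means).
    prefer_server=False: walk the client's list and take the first suite the
    server supports, i.e. "order is determined by the client" as in the scan.
    """
    if prefer_server:
        ordered, accepted = server_suites, client_suites
    else:
        ordered, accepted = client_suites, server_suites
    for suite in ordered:
        if suite in accepted:
            return suite
    return None  # handshake fails: testssl.sh shows this as "No connection"


def negotiate_all(server_suites, prefer_server, clients=CLIENTS):
    """Negotiate with every client; returns {client name: suite or None}."""
    return {name: select_cipher(server_suites, offered, prefer_server)
            for name, offered in clients.items()}


if __name__ == "__main__":
    for label, server in (("scanned server", SERVER_SUITES),
                          ("server + CBC suite", SERVER_WITH_CBC)):
        for prefer in (False, True):
            print(f"{label}, server order {'on' if prefer else 'off'}:",
                  negotiate_all(server, prefer))
```

With only the two AEAD suites the scan lists, client ordering cannot steer the handshake to anything weak, so the finding is about policy rather than an exploitable weakness here; on nginx (the banner reports nginx/1.16.1) server-side ordering is enabled with `ssl_prefer_server_ciphers on;`.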
