There is also cipherscan by Julien Vehent (with a bunch of patches by mzeltner
and me).
https://github.com/mzeltner/cipherscan
Original repo doesn't yet include our pull request
https://github.com/jvehent/cipherscan
It works with any *nix or *tux with OpenSSL. (Tested with Debian, OS X, Solari
your-sleve numbers with a fallback to NIST curves. IMHO this could
really help with the old chicken-and-egg problem of server vs. client support.
Best regards
MacLemon
Full disclosure: I'm a co-author of “Applied crypto hardening”.
[0]: https://bettercryp
Only when I set `ssl_stapling_verify off;`I can get OCSP stapling to work on my
setup. In my experience helps to (re)load the page a few times before testing
with SSLLabs to give the server time to fetch the OCSP response.
Best regards
MacLemon
On 14.12.2013, at 08:06, justin wrote