Find knowledge base article(s) by searching for keywords in the title e.g. type linux in the search box below
Find knowledge base article(s) by browsing the subject categories of articles
Technology quick references, cheatsheets, user manuals etc.
Shop Online through ShopifyLite
Tutorials on various IT applications.
Search Title    (UL:0 |SS:f)

Protocols >> SSL >> How to use openssl command line to test cipher strengh supported by websites using SSL

For windows, we can use the openssl binary found at http://gnuwin32.sourceforge.net/packages/openssl.htm

Testing for NULL cipher

$> openssl s_client -connect www.google.com:443 -cipher NULL

CONNECTED(00000003)

3716:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:562:

Testing for LOW cipher (up to 64 bit)

$> openssl s_client -connect www.google.com:443 -cipher LOW

CONNECTED(00000003)

depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---
[..snip..]

 

Testing for MEDIUM cipher (up to 128 bits)

$> openssl s_client -connect www.natwest.com:443 -cipher MEDIUM

CONNECTED(00000003)

depth=1 /O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CP
S Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=GB/ST=Lothian/L=Edinburgh/O=Royal Bank of Scotland Group/OU=E-Services/OU=Terms of use at www.verisign.co.uk/rpa (c)05/OU=Authenticated by VeriSign/OU=Member, VeriSign Trust Network/CN=www.natwest.com
i:/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
1 s:/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---
[..snip..]

 

Testing for HIGH cipher (above 128 bits)

$> openssl s_client -connect www.google.com:443 -cipher HIGH

CONNECTED(00000003)

depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
[..snip..]

 

[ © 2008-2021 myfaqbase.com - A property of WPDC Consulting ]