Showing posts with label tls protocol scan. Show all posts
Showing posts with label tls protocol scan. Show all posts

Wednesday, December 28, 2022

Scan https Web Application for tls vulnerability using openssl

SSL Labs is the effficient way to find which SSL protocols are enabled on your webserver.

Enter your website url and click on submit

https://www.ssllabs.com/ssltest/

It generated ssl scan report for your web application. You can check tls protocol enable/disable list.

If you want to scan tls protocol version on your local, Run following commands for different versions of tls.

tls 1 and tls 1.1 are vulnerable versions.

openssl s_client -connect app.localhost:443 -tls1
openssl s_client -connect app.localhost:443 -tls1_1
openssl s_client -connect app.localhost:443 -tls1_2
openssl s_client -connect app.localhost:443 -tls1_3

If tls 1 or tls 1.1 is enabled for your webserver but you are not getting results on command line, you need to make configuration changes in your openssl.cnf file.

Take backup of your /etc/ssl/openssl.cnf

sudo cp /etc/ssl/openssl.cnf /etc/ssl/openssl.cnf.bkup

Add this to the beginning of your config file /etc/ssl/openssl.cnf
openssl_conf = default_conf

And then this to the end:
[ default_conf ]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT:@SECLEVEL=1

Now  export path
export OPENSSL_CONF=/etc/ssl/openssl.cnf

Now check again

openssl s_client -connect app.localhost:443 -tls1
openssl s_client -connect app.localhost:443 -tls1_1
 

Now it should show enabled tls protocols on command line

You can disable these protocols in your webserver config.