Skip to content

Instantly share code, notes, and snippets.

/Qualys SSL Labs - Projects _ SSL Client Test.html

Created September 5, 2017 17:07
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save anonymous/d6ec0ffe29f053664650980cca879980 to your computer and use it in GitHub Desktop.
Save anonymous/d6ec0ffe29f053664650980cca879980 to your computer and use it in GitHub Desktop.
Download ZIP
Qualys client test from DREN
Raw
Qualys SSL Labs - Projects _ SSL Client Test.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- saved from url=(0049)https://www.ssllabs.com/ssltest/viewMyClient.html -->
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><script async="" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/script.js.download"></script>
<title>Qualys SSL Labs - Projects / SSL Client Test</title>
<link href="./Qualys SSL Labs - Projects _ SSL Client Test_files/ssllabs.css" rel="styleSheet" type="text/css">
<link href="./Qualys SSL Labs - Projects _ SSL Client Test_files/report.css" rel="styleSheet" type="text/css">
<link href="./Qualys SSL Labs - Projects _ SSL Client Test_files/main.css" rel="styleSheet" type="text/css">
<script type="text/javascript" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/jquery-1.11.0.min.js.download"></script>
<script type="text/javascript" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/script.js(1).download"></script><link rel="styleSheet" type="text/css" href="./Qualys SSL Labs - Projects _ SSL Client Test_files/style1.css"></head>
<body>
<div id="page">
<div id="header">
<div id="logo">
<a href="https://www.ssllabs.com/index.html" rel="noreferrer"><img src="./Qualys SSL Labs - Projects _ SSL Client Test_files/qualys-ssl-labs-logo.png" width="341" height="55" alt="SSL Labs logo" title="SSL Labs logo"></a>
</div>
<div id="navigation">
<a class="link" href="https://www.ssllabs.com/index.html" rel="noreferrer">Home</a>
<a class="link" href="https://www.ssllabs.com/projects/index.html" rel="noreferrer">Projects</a>
<a class="link" href="https://www.qualys.com/" rel="noreferrer">Qualys.com</a>
<a class="link" href="https://www.ssllabs.com/about/contact.html" rel="noreferrer">Contact</a>
</div>
<br clear="all">
</div>
<div id="breadcrumbs">
<b>You are here:&nbsp;</b>
<a href="https://www.ssllabs.com/index.html">Home</a>
&gt; <a href="https://www.ssllabs.com/projects/index.html">Projects</a>
&gt; SSL Client Test
</div>
<div id="main">
<div class="floatLeft">
<div class="reportTitle report-title-style">SSL/TLS Capabilities of Your Browser</div>
<div class="reportTime width-650"><b>User Agent:</b> Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.101 Safari/537.36</div> </div>
<div class="floatRight"><br><a href="https://www.ssllabs.com/ssltest/clients.html">Other User Agents&nbsp;»</a></div>
<br clear="all">
<div align="center">
<noscript>
&lt;div id=warningBox class="warning-box-line-height"&gt;
&lt;b&gt;Without JavaScript, the following tests will not run:&lt;/b&gt;
(1) Accurate protocol support, (2) SSL 3 POODLE vulnerability, (3) mixed content handling,
(4) TLS authentication bug in Apple's products, and (5) the FREAK attack.
Please enable JavaScript for best results.
&lt;/ul&gt;
&lt;/div&gt;
&lt;br&gt;
</noscript>
<div id="mixedCSSHiddenDiv1" class="display-none"></div>
<div id="mixedCSSHiddenDiv2" class="display-none"></div>
<iframe src="./Qualys SSL Labs - Projects _ SSL Client Test_files/frame.html" class="display-none" width="0" height="0"></iframe>
<div id="hiddenImagesDiv" class="display-none"><img src="./Qualys SSL Labs - Projects _ SSL Client Test_files/1x1-transparent.png"><img src="https://www.ssllabs.com:10200/1x1-transparent.png?t=1504267437377"><img src="https://www.ssllabs.com:10445/ssl-labs-logo.gif?t=1504267437377"><img src="https://www.ssllabs.com:10444/ssl-labs-logo.gif?t=1504267437377"><img src="https://www.ssllabs.com:10300/1x1-transparent.png?t=1504267437377"><img src="./Qualys SSL Labs - Projects _ SSL Client Test_files/1x1-transparent(1).png"><img src="./Qualys SSL Labs - Projects _ SSL Client Test_files/1x1-transparent(2).png"><img src="./Qualys SSL Labs - Projects _ SSL Client Test_files/1x1-transparent(3).png"><img src="./Qualys SSL Labs - Projects _ SSL Client Test_files/1x1-transparent(4).png"></div>
<div id="protocolSupportDiv" class="display-none"></div>
<div class="reportSection" id="protocolTestDiv" style="display: block;">
<div class="sectionTitle" id="protocolTestHeading">Protocol Support</div>
<div class="sectionBody">
<div id="protocolTestMsg" style="color: green;">Your user agent has good protocol support.</div>
<div id="protocolTestMsgNotes">Your user agent supports TLS 1.2, which is recommended protocol version at the moment.</div>
</div>
</div>
<div class="reportSection" id="jamTestDiv" style="display: block;">
<div class="sectionTitle">Logjam Vulnerability</div>
<div class="sectionBody">
<div id="jamTestMsg">Your user agent is not vulnerable.</div>
<div id="jamTestMsgNotes">
For more information about the Logjam attack, please go to
<a href="https://weakdh.org/">weakdh.org</a>.<br>
To test manually, click <a href="https://www.ssllabs.com:10445/">here</a>.
Your user agent is not vulnerable if it fails to connect to the site.</div>
</div>
</div>
<div class="reportSection" id="freakTestDiv" style="display: block;">
<div class="sectionTitle">FREAK Vulnerability</div>
<div class="sectionBody">
<div id="freakTestMsg">Your user agent is not vulnerable.</div>
<div id="freakTestMsgNotes">
For more information about the FREAK attack, please go to
<a href="https://www.freakattack.com/">www.freakattack.com</a>.<br>
To test manually, click <a href="https://www.ssllabs.com:10444/">here</a>.
Your user agent is not vulnerable if it fails to connect to the site.</div>
</div>
</div>
<div class="reportSection" id="ssl3TestDiv" style="display: block;">
<div class="sectionTitle">POODLE Vulnerability</div>
<div class="sectionBody">
<div id="ssl3TestMsg">Your user agent is not vulnerable.</div>
<div id="ssl3TestMsgNotes">For more information about the POODLE attack, please read <a href="https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack">this blog post</a>.</div>
</div>
</div>
<div class="reportSection" id="ssl2TestDiv">
<div class="sectionTitle">SSL 2 Protocol Support</div>
<div class="sectionBody">
<div id="ssl2TestMsg"><font color="red">Your user agent supports SSL 2. You should upgrade.</font></div>
<div id="ssl2TestMsgNotes">SSL 2 is a very old, obsolete, and insecure version of the SSL protocol. You can usually disable this protocol
version in configuration, but modern clients don't support it at all. This really means that you should upgrade your software
to a better version.</div>
</div>
</div>
<script type="text/javascript" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/viewClient.js.download"></script>
<input id="mainsitehost" type="hidden" value="www.ssllabs.com">
<input id="plaintextSiteHost" type="hidden" value="plaintext.ssllabs.com">
<div class="reportSection" id="appleTestDiv">
<div class="sectionTitle">iOS and OS X TLS Authentication Vulnerability</div>
<div class="sectionBody">
<div id="appleTestMsg"><img src="./Qualys SSL Labs - Projects _ SSL Client Test_files/progress-indicator.gif" width="16" height="16"> Please wait, checking if your user agent is vulnerable...</div>
<div id="appleTestMsgNotes">To test manually, <a href="https://www.ssllabs.com:10443/">click here</a>. If your
user agent refuses to connect, you are not vulnerable. This test requires a connection to the SSL Labs
server on port 10443. A strict outbound firewall might interfere. You should test Safari running on
iOS or OS X. Chrome and Firefox are not vulnerable, even when running on a vulnerable operating system.
<a href="https://community.qualys.com/blogs/securitylabs/2014/02/24/ssl-labs-testing-for-apples-tls-authentication-bug"><b>MORE&nbsp;»</b></a></div>
<script type="text/javascript" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/viewClient-appleTest.js.download"></script>
</div>
</div>
<div class="reportSection">
<div class="sectionTitle">Protocol Features</div>
<div class="sectionBody">
<input id="tls13Support" type="hidden" value="-1">
<img class="tIcon" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/icon-protocol.png" width="65" height="50">
<noscript>
&lt;tr class="tableRow"&gt;
&lt;td colspan=2 align=left&gt;
&lt;span class="color666666"&gt;(*) Without JavaScript, this test reliably detects only the highest supported protocol.&lt;/span&gt;
&lt;/td&gt;
&lt;/tr&gt;
</noscript><table class="reportTable">
<thead>
<tr>
<td class="tableHead" colspan="2" align="left">Protocols</td>
</tr>
</thead>
<tbody>
<tr class="tableRow">
<td class="tableLeft" id="protocol_tls1_3_label"> TLS 1.3 </td>
<td class="tableRight" id="protocol_tls1_3">No</td>
</tr>
<tr class="tableRow">
<td class="tableLeft" id="protocol_tls1_2_label" style="color: green;">TLS 1.2</td>
<td class="tableRight" id="protocol_tls1_2" style="color: green;">Yes</td>
</tr>
<tr class="tableRow">
<td class="tableLeft">TLS 1.1</td>
<td class="tableRight" id="protocol_tls1_1" style="color: black;">Yes</td>
</tr>
<tr class="tableRow">
<td class="tableLeft">TLS 1.0</td>
<td class="tableRight" id="protocol_tls1" style="color: black;">Yes</td>
</tr>
<tr class="tableRow">
<td class="tableLeft" id="protocol_ssl3_label">SSL 3</td>
<td class="tableRight" id="protocol_ssl3" style="color: black;">No</td>
</tr>
<tr class="tableRow">
<td class="tableLeft" id="protocol_ssl2_label">SSL 2</td>
<td class="tableRight" id="protocol_ssl2" style="color: black;">No</td>
</tr>
</tbody>
</table>
<br><br>
<img class="tIcon" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/icon-cipher.png" width="65" height="50" alt="">
<table class="reportTable">
<thead>
<tr>
<td class="tableHead" colspan="3" align="left">Cipher Suites (in order of preference)</td>
</tr>
</thead>
<tbody><tr>
<td class="tableLeft">TLS_GREASE_4A (<code>0x4a4a</code>)</td>
<td class="tableRight">-</td>
</tr>
<tr>
<td class="tableLeft">TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (<code>0xc02b</code>)
&nbsp; <span class="dhParams color-green">Forward Secrecy</span>
</td>
<td class="tableRight">128</td>
</tr>
<tr>
<td class="tableLeft">TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (<code>0xc02f</code>)
&nbsp; <span class="dhParams color-green">Forward Secrecy</span>
</td>
<td class="tableRight">128</td>
</tr>
<tr>
<td class="tableLeft">TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (<code>0xc02c</code>)
&nbsp; <span class="dhParams color-green">Forward Secrecy</span>
</td>
<td class="tableRight">256</td>
</tr>
<tr>
<td class="tableLeft">TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (<code>0xc030</code>)
&nbsp; <span class="dhParams color-green">Forward Secrecy</span>
</td>
<td class="tableRight">256</td>
</tr>
<tr>
<td class="tableLeft">TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (<code>0xcca9</code>)
&nbsp; <span class="dhParams color-green">Forward Secrecy</span>
</td>
<td class="tableRight">256</td>
</tr>
<tr>
<td class="tableLeft">TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (<code>0xcca8</code>)
&nbsp; <span class="dhParams color-green">Forward Secrecy</span>
</td>
<td class="tableRight">256</td>
</tr>
<tr>
<td class="tableLeft">TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (<code>0xc013</code>)
&nbsp; <span class="dhParams color-green">Forward Secrecy</span>
</td>
<td class="tableRight">128</td>
</tr>
<tr>
<td class="tableLeft">TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (<code>0xc014</code>)
&nbsp; <span class="dhParams color-green">Forward Secrecy</span>
</td>
<td class="tableRight">256</td>
</tr>
<tr>
<td class="tableLeft">TLS_RSA_WITH_AES_128_GCM_SHA256 (<code>0x9c</code>)
</td>
<td class="tableRight">128</td>
</tr>
<tr>
<td class="tableLeft">TLS_RSA_WITH_AES_256_GCM_SHA384 (<code>0x9d</code>)
</td>
<td class="tableRight">256</td>
</tr>
<tr>
<td class="tableLeft">TLS_RSA_WITH_AES_128_CBC_SHA (<code>0x2f</code>)
</td>
<td class="tableRight">128</td>
</tr>
<tr>
<td class="tableLeft">TLS_RSA_WITH_AES_256_CBC_SHA (<code>0x35</code>)
</td>
<td class="tableRight">256</td>
</tr>
<tr>
<td class="tableLeft"><font color="#F88017">TLS_RSA_WITH_3DES_EDE_CBC_SHA (<code>0xa</code>) &nbsp; <b>WEAK</b></font></td>
<td class="tableRight"><font color="#F88017">112</font></td>
</tr>
<tr class="tableRow">
<td colspan="2" align="left">
<span class="color666666">(1) When a browser supports SSL 2, its SSL 2-only suites are shown
only on the very first connection to this site. To see the suites,
close all browser windows, then open this exact page directly. Don't refresh.</span>
</td>
</tr>
</tbody></table>
<br><br>
<img class="tIcon" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/icon-protocol-details.png" width="65" height="50" alt="">
<table class="reportTable">
<thead>
<tr>
<td class="tableHead" colspan="2" align="left">Protocol Details</td>
</tr>
</thead>
<tbody>
<tr class="tableRow">
<td class="tableLabel" width="250">Server Name Indication (SNI)</td>
<td class="tableCell">Yes</td>
</tr>
<tr class="tableRow">
<td class="tableLabel">Secure Renegotiation</td>
<td class="tableCell">Yes</td>
</tr>
<tr class="tableRow">
<td class="tableLabel"><font color="green">TLS compression</font></td>
<td class="tableCell"><font color="green">No</font></td>
</tr>
<tr class="tableRow">
<td class="tableLabel">Session tickets</td>
<td class="tableCell">Yes</td>
</tr>
<tr class="tableRow">
<td class="tableLabel">OCSP stapling</td>
<td class="tableCell">Yes</td>
</tr>
<tr class="tableRow">
<td class="tableLabel">Signature algorithms</td>
<td class="tableCell">
SHA256/ECDSA, RSA_PSS_SHA256, SHA256/RSA, SHA384/ECDSA, RSA_PSS_SHA384, SHA384/RSA, RSA_PSS_SHA512, SHA512/RSA, SHA1/RSA </td>
</tr>
<tr class="tableRow">
<td class="tableLabel">Named Groups</td>
<td class="tableCell">
tls_grease_3a3a, x25519, secp256r1, secp384r1 </td>
</tr>
<tr class="tableRow">
<td class="tableLabel">Next Protocol Negotiation</td>
<td class="tableCell">No</td>
</tr>
<tr class="tableRow">
<td class="tableLabel" width="250">Application Layer Protocol Negotiation</td>
<td class="tableCell">Yes
&nbsp; <span class="greySmall">
http/1.1
</span></td>
</tr>
<tr class="tableRow">
<td class="tableLabel"><font color="green">SSL 2 handshake compatibility</font></td>
<td class="tableCell"><font color="green">No</font></td>
</tr>
</tbody>
</table>
<br>
</div>
</div>
<div class="reportSection display-none" id="mixedDiv" style="display: block;">
<div class="sectionTitle">Mixed Content Handling</div>
<div class="sectionBody">
<img class="tIcon" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/icon-misc.png" width="65" height="50">
<table class="reportTable">
<thead>
<tr>
<td class="tableHead" colspan="3" align="left">Mixed Content Tests</td>
</tr>
</thead>
<tbody>
<tr class="tableRow">
<td class="tableLeft">Images</td>
<td class="tableRight width-100">Passive</td>
<td class="tableRight width-100" id="mixedImages" style="color: rgb(248, 128, 23);">Yes</td>
</tr>
<tr class="tableRow">
<td class="tableLeft">CSS</td>
<td class="tableRight">Active</td>
<td class="tableRight" id="mixedCssLink">No</td>
</tr>
<tr class="tableRow">
<td class="tableLeft">Scripts</td>
<td class="tableRight">Active</td>
<td class="tableRight" id="mixedScripts">No</td>
</tr>
<tr class="tableRow">
<td class="tableLeft">XMLHttpRequest</td>
<td class="tableRight">Active</td>
<td class="tableRight" id="mixedXhr">No</td>
</tr>
<tr class="tableRow">
<td class="tableLeft">WebSockets</td>
<td class="tableRight">Active</td>
<td class="tableRight" id="mixedWebSockets">No</td>
</tr>
<tr class="tableRow">
<td class="tableLeft">Frames</td>
<td class="tableRight">Active</td>
<td class="tableRight" id="mixedFrame">No</td>
</tr>
<tr class="tableRow">
<td colspan="3" align="left">
<span class="color666666">(1) These tests might cause a mixed content warning in your browser. That's expected.<br></span>
<span class="color666666">(2) If you see a failed test, try to reload the page. If the error persists, please get in touch.</span>
</td>
</tr>
</tbody>
</table>
<br>
<table class="reportTable report-table-margin">
<thead>
<tr>
<td class="tableHead" colspan="3" align="left">Related Functionality</td>
</tr>
</thead>
<tbody>
<tr class="tableRow">
<td class="tableLeft">Upgrade Insecure Requests request header (<a href="https://w3c.github.io/webappsec/specs/upgrade/">more info</a>)</td>
<td class="tableRight">Yes</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
<script type="text/javascript" src="./Qualys SSL Labs - Projects _ SSL Client Test_files/viewClient-clientTest.js.download"></script>
</div>
<div id="pageEnd">
<div id="copyright">
<table width="1050" border="0" cellpadding="5" cellspacing="0"><tbody><tr>
<td class="footer">
Copyright © 2009-2017 <a href="https://www.qualys.com/">Qualys, Inc</a>. All Rights Reserved.
</td><td align="right" class="footer">
<a href="https://www.ssllabs.com/about/terms.html" rel="noreferrer">Terms and Conditions</a>
</td></tr>
<tr>
<td class="footer">
Qualys is the leading provider of integrated <a href="https://www.qualys.com/asset-discovery/">asset discovery</a>,
<a href="https://www.qualys.com/network-security/">network security</a>,
<a href="https://www.qualys.com/threat-protection/">threat protection</a>,
<a href="https://www.qualys.com/compliance-monitoring/">compliance monitoring</a>
and <a href="https://www.qualys.com/web-application-security/">web application security</a> solutions.
</td></tr>
</tbody></table>
</div>
</div>
</body></html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment