/howsmytls.rb
Last active Dec 13, 2017
| require "net/https" | |
| require "uri" | |
| require 'json' | |
| uri = URI.parse("https://www.howsmyssl.com/a/check") | |
| http = Net::HTTP.new(uri.host, uri.port) | |
| http.use_ssl = true | |
| resp = JSON.parse(http.request(Net::HTTP::Get.new(uri.request_uri)).body) | |
| puts JSON.pretty_generate(resp) |
| // ruby -v => ruby 1.9.3p448 (2013-06-27 revision 41675) [x86_64-darwin13.0.0] | |
| { | |
| "given_cipher_suites": [ | |
| "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", | |
| "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", | |
| "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", | |
| "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", | |
| "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", | |
| "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", | |
| "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", | |
| "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", | |
| "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", | |
| "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", | |
| "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", | |
| "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", | |
| "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", | |
| "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", | |
| "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", | |
| "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", | |
| "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", | |
| "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", | |
| "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", | |
| "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", | |
| "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", | |
| "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", | |
| "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", | |
| "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", | |
| "TLS_RSA_WITH_AES_256_GCM_SHA384", | |
| "TLS_RSA_WITH_AES_256_CBC_SHA256", | |
| "TLS_RSA_WITH_AES_256_CBC_SHA", | |
| "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", | |
| "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_RSA_WITH_3DES_EDE_CBC_SHA", | |
| "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", | |
| "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", | |
| "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", | |
| "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", | |
| "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", | |
| "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", | |
| "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", | |
| "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", | |
| "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", | |
| "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", | |
| "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", | |
| "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", | |
| "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", | |
| "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", | |
| "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", | |
| "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", | |
| "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", | |
| "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", | |
| "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", | |
| "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", | |
| "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", | |
| "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", | |
| "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", | |
| "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", | |
| "TLS_RSA_WITH_AES_128_GCM_SHA256", | |
| "TLS_RSA_WITH_AES_128_CBC_SHA256", | |
| "TLS_RSA_WITH_AES_128_CBC_SHA", | |
| "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", | |
| "TLS_DHE_RSA_WITH_SEED_CBC_SHA", | |
| "TLS_DHE_DSS_WITH_SEED_CBC_SHA", | |
| "TLS_RSA_WITH_SEED_CBC_SHA", | |
| "TLS_RSA_WITH_IDEA_CBC_SHA", | |
| "TLS_ECDHE_RSA_WITH_RC4_128_SHA", | |
| "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", | |
| "TLS_ECDH_anon_WITH_RC4_128_SHA", | |
| "TLS_ECDH_RSA_WITH_RC4_128_SHA", | |
| "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", | |
| "TLS_RSA_WITH_RC4_128_SHA", | |
| "TLS_RSA_WITH_RC4_128_MD5", | |
| "TLS_DHE_RSA_WITH_DES_CBC_SHA", | |
| "TLS_DHE_DSS_WITH_DES_CBC_SHA", | |
| "TLS_RSA_WITH_DES_CBC_SHA", | |
| "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" | |
| ], | |
| "ephemeral_keys_supported": true, | |
| "session_ticket_supported": true, | |
| "tls_compression_supported": true, | |
| "unknown_cipher_suite_supported": false, | |
| "beast_vuln": false, | |
| "insecure_cipher_suites": { | |
| "TLS_DHE_DSS_WITH_DES_CBC_SHA": [ | |
| "uses keys smaller than 128 bits in its encryption" | |
| ], | |
| "TLS_DHE_RSA_WITH_DES_CBC_SHA": [ | |
| "uses keys smaller than 128 bits in its encryption" | |
| ], | |
| "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA": [ | |
| "is open to man-in-the-middle attacks because it does not authenticate the server" | |
| ], | |
| "TLS_ECDH_anon_WITH_AES_128_CBC_SHA": [ | |
| "is open to man-in-the-middle attacks because it does not authenticate the server" | |
| ], | |
| "TLS_ECDH_anon_WITH_AES_256_CBC_SHA": [ | |
| "is open to man-in-the-middle attacks because it does not authenticate the server" | |
| ], | |
| "TLS_ECDH_anon_WITH_RC4_128_SHA": [ | |
| "is open to man-in-the-middle attacks because it does not authenticate the server" | |
| ], | |
| "TLS_RSA_WITH_DES_CBC_SHA": [ | |
| "uses keys smaller than 128 bits in its encryption" | |
| ], | |
| "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA": [ | |
| "is open to man-in-the-middle attacks because it does not authenticate the server" | |
| ], | |
| "TLS_SRP_SHA_WITH_AES_128_CBC_SHA": [ | |
| "is open to man-in-the-middle attacks because it does not authenticate the server" | |
| ], | |
| "TLS_SRP_SHA_WITH_AES_256_CBC_SHA": [ | |
| "is open to man-in-the-middle attacks because it does not authenticate the server" | |
| ] | |
| }, | |
| "tls_version": "TLS 1.2", | |
| "rating": "Bad" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
kapishmalik commentedDec 13, 2017
U r using Ruby 1.9.3 to run this sample program. OpenSSL of this version won't support ssl version to tlsv1_2. It's default is sslv23. How net/http is able to connect via tlsv1_2. Could you please explain.