Skip to content

Instantly share code, notes, and snippets.

@stahnma

stahnma/-

Created March 15, 2016 18:54
Show Gist options
  • Save stahnma/c683f8ffc7c80dbbebd4 to your computer and use it in GitHub Desktop.
Save stahnma/c683f8ffc7c80dbbebd4 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
-
AVAILABLE PLUGINS
-----------------
PluginHSTS
PluginHeartbleed
PluginCertInfo
PluginCompression
PluginSessionRenegotiation
PluginChromeSha1Deprecation
PluginOpenSSLCipherSuites
PluginSessionResumption
CHECKING HOST(S) AVAILABILITY
-----------------------------
orch-latest.ops.puppetlabs.net:443 => 10.32.163.161:443
SCAN RESULTS FOR ORCH-LATEST.OPS.PUPPETLABS.NET:443 - 10.32.163.161:443
-----------------------------------------------------------------------
* Session Renegotiation:
Client-initiated Renegotiations: OK - Rejected
Secure Renegotiation: OK - Supported
* Deflate Compression:
OK - Compression disabled
* OpenSSL Heartbleed:
OK - Not vulnerable to Heartbleed
* Certificate - Content:
SHA1 Fingerprint: 2821d0af9a57c1b893d6722acf3f496958d9140b
Common Name: 192-168-1-4.rfc1918.puppetlabs.net
Issuer: Puppet CA generated on 192-168-1-4.rfc1918.puppetlabs.net at 2016-02-24 18:14:42 +0000
Serial Number: 02
Not Before: Feb 23 18:14:52 2016 GMT
Not After: Feb 22 18:14:52 2021 GMT
Signature Algorithm: sha256WithRSAEncryption
Public Key Algorithm: rsaEncryption
Key Size: 4096 bit
Exponent: 65537 (0x10001)
X509v3 Subject Alternative Name: {'DNS': ['10-32-163-161.rfc1918.puppetlabs.net', '192-168-1-4.rfc1918.puppetlabs.net', 'orch-latest.ops.puppetlabs.net']}
* Certificate - Trust:
Hostname Validation: OK - Subject Alternative Name matches
Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Certificate Chain Received: ['192-168-1-4.rfc1918.puppetlabs.net', 'Puppet CA generated on 192-168-1-4.rfc1918.puppetlabs.net at 2016-02-24 18:14:42 +0000']
* Certificate - OCSP Stapling:
NOT SUPPORTED - Server did not send back an OCSP response.
* Session Resumption:
With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
With TLS Session Tickets: OK - Supported
* SSLV2 Cipher Suites:
Server rejected all cipher suites.
* TLSV1_2 Cipher Suites:
Preferred:
ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
Accepted:
ECDHE-RSA-AES256-SHA384 ECDH-256 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-AES256-GCM-SHA384 ECDH-256 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES256-SHA256 DH-2048 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES256-GCM-SHA384 DH-2048 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
AES256-SHA256 - 256 bits HTTP 302 Found - /auth/login?redirect=/
AES256-SHA - 256 bits HTTP 302 Found - /auth/login?redirect=/
AES256-GCM-SHA384 - 256 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-AES128-SHA256 ECDH-256 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES128-SHA256 DH-2048 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES128-GCM-SHA256 DH-2048 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
AES128-SHA256 - 128 bits HTTP 302 Found - /auth/login?redirect=/
AES128-SHA - 128 bits HTTP 302 Found - /auth/login?redirect=/
AES128-GCM-SHA256 - 128 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 302 Found - /auth/login?redirect=/
DES-CBC3-SHA - 112 bits HTTP 302 Found - /auth/login?redirect=/
* TLSV1_1 Cipher Suites:
Preferred:
ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
Accepted:
ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
AES256-SHA - 256 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
AES128-SHA - 128 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 302 Found - /auth/login?redirect=/
DES-CBC3-SHA - 112 bits HTTP 302 Found - /auth/login?redirect=/
* TLSV1 Cipher Suites:
Preferred:
ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
Accepted:
ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 302 Found - /auth/login?redirect=/
AES256-SHA - 256 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 302 Found - /auth/login?redirect=/
AES128-SHA - 128 bits HTTP 302 Found - /auth/login?redirect=/
ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 302 Found - /auth/login?redirect=/
DES-CBC3-SHA - 112 bits HTTP 302 Found - /auth/login?redirect=/
* SSLV3 Cipher Suites:
Server rejected all cipher suites.
SCAN COMPLETED IN 8.34 S
------------------------
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment