Last active
November 16, 2020 22:22
-
-
Save stephenlb/b6fc99be3af3c4a465c8f6b6297b71c4 to your computer and use it in GitHub Desktop.
Test TLS SSL Ciphers on a Server - Which Ciphers and TLS Protocols does the server support?
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/zsh | |
## - - - - - - - - - - - - - - - - - - - - - - - - - - - | |
## Usage | |
## - - - - - - - - - - - - - - - - - - - - - - - - - - - | |
## | |
## ./tls.sh <SERVER_IP_OR_DOMAIN_NAME> | |
## | |
## ./tls.sh pubnub.com | |
## ./tls.sh ps.pndsn.com | |
## ./tls.sh pubsub.pubnub.com | |
## ./tls.sh pubsub-legacy-sslv3.pubnub.com | |
## ./tls.sh google.com | |
## ./tls.sh yahoo.com | |
## - - - - - - - - - - - - - - - - - - - - - - - - - - - | |
SERVER=$1 | |
for v in ssl2 ssl3 tls1 tls1_1 tls1_2; do | |
for c in $(openssl ciphers 'ALL:eNULL' | tr ':' ' '); do | |
result=$(openssl s_client -connect $SERVER:443 -cipher $c -$v < /dev/null 2>&1 | sed 's/New, TLSv1\/SSLv3, //g') | |
protocol=$(echo $result | grep Protocol | sed -e 's/^[[:space:]]*//') | |
cipher=$(echo $result | grep Cipher | head -n1 | grep -v NONE | grep -v '0000' | sed -e 's/^[[:space:]]*//') | |
if [[ ! -z $cipher ]] | |
then echo "$protocol $cipher" | |
fi | |
done | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This works on zshell
zsh
on MacOS 11 - last tested 2020 November 16th