testssl.sh: Testing TLS/SSL encryption
testssl.sh is a free Unix command line tool which checks a server's service on any port for the TLS/SSL ciphers and protocols
it supports, as well as for some cryptographic flaws.
It's designed to provide clear output for a "is this good or bad" decision.
It works on every Linux distribution which has openssl installed. Since some distributors remove the buggy stuff from their
openssl build for security reasons (and the buggy stuff is exactly what you want to check a server for), it is recommended
to compile openssl yourself or to use the openssl binaries below (Linux). You will get a warning though if your openssl client
cannot perform a specific check, see below.
testssl.sh is portable: it is supposed to work on
any other Unix system (preferably with GNU tools) and on cygwin, provided it can find the openssl binary.
- 2.0pre: Features: SNI, STARTTLS, checks for RC4, PFS, SPDY, HSTS and the web server banner, and lots of bugfixes
- 1.40: cleanups, path of URL supplied on the command line (is ignored for now)
- 1.30: can now test for cipher suites / protocols only, tests for TLS 1.1/1.2, -a/--all renamed
- 1.21: CRIME support, see http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512.
- 1.18: Rearrangement of arguments: the URI now always comes last. The NOPARANOID flag tells whether medium grade ciphers are ok.
- 1.17: tests now for the renegotiation vulnerability (CVE-2009-3555)
- 1.16: Invoking options changed with this release. Port and hostname / URL are accepted only as one argument. Major code cleanups. Also
checks now whether SSL is listening on the server side at all. -a/--all tests cipher by cipher now.
- For more, see the CHANGELOG.
Starting testssl.sh with no params will give you a clue how to use it:
userid@somehost:~ % testssl.sh
testssl.sh <options> URI
where <options> is one of
<-h|--help> what you're looking at
<-b|--banner> displays banner + version
<-v|--version> same as above
<-V|--local> pretty print all local ciphers
<-V|--local> <hexcode> what cipher is <pattern hexcode>?
<-c|--compression|--crime> tests only for crime vulnerability
<-e|--each-cipher> check each local ciphers remotely
<-E|-ee|--cipher-per-proto> check those per protocol
<-f|--ciphers> check cipher suites
<-p|--protocols> check tls/ssl protocols only
<-y|--spdy> checks for spdy
<-r|--renegotiation> tests only for renegotiation vulnerability
<-s|--pfs|--fs|--nsa> tests for (perfect) forward secrecy
<-4|--rc4|--appelbaum> which RC4 ciphers are being offered?
<-H|--header|--headers> check for HSTS and server banner string
URI is host|host:port|URL|URL:port
(port 443 is assumed unless otherwise specified)
<-t|--starttls> host:port <ftp(s)|smtp(s)|pop3(s)|imap(s)|xmpp>
The normal use case is probably just "testssl.sh <hostname>", see the first picture above. "testssl.sh -E <hostname>" was used for the second picture above. A STARTTLS check (see the last picture) is done with e.g.
testssl.sh --starttls <smtphostname>.<tld>:587 smtp
testssl.sh -t <jabberhostname>.<tld>:5222 xmpp
testssl.sh --starttls <pophostname>.<tld>:110 pop3s
As the help says: currently only one option at a time works.
A maybe neat feature: if you want to find out which ciphers your local openssl has and print them pretty, use "testssl.sh -V". Ever wondered which cipher belongs to a hexcode? "testssl.sh -V 9f" searches for the hexcode 9f.
Got it so far? Good.
Hint regarding OpenSSL binary
As mentioned above, a prerequisite for thoroughly checking SSL/TLS enabled servers is: everything you want to check for has to be
available on your client.
The drawback with most Linux distributions: one cannot check 56-bit ciphers as they are disabled at compile time. Also
some other ciphers are disabled for security reasons, and last but not least SSLv2 seems to be phased out too; Ubuntu started this.
Thus the signed tarball provides specially compiled, statically linked (except glibc)
openssl binaries as a courtesy. If you don't use them, you'll get a warning in magenta whenever a check cannot be performed, see picture on the right hand side.
You'll need to unpack the binaries, copy the one you need to your preferred location and
export OPENSSL=<mypath>/openssl64 before you use testssl.sh. Or, for a single run:
OPENSSL=<mypath>/openssl64 testssl.sh <hostname>
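The two points above, finding out which weak ciphers the local client can still speak (so you know in advance which server checks are possible at all) and looking up a cipher by its hexcode the way "testssl.sh -V 9f" does, as an added shell example. This is not code from testssl.sh; it only assumes that the openssl binary named by $OPENSSL (or openssl on PATH) understands "ciphers -V" and prints one cipher per line in the usual "0x00,0x9F - NAME PROTO Kx=... Au=... Enc=... Mac=..." layout. The sample cipher lines in the comments are constructed, not captured from a real build.

```sh
#!/bin/sh
# Added example, not part of testssl.sh: inspect the LOCAL openssl client so you
# know beforehand which server-side checks it can and cannot perform.
# Assumed input format ("openssl ciphers -V"), constructed sample line:
#   0x00,0x9F - DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD

# Tag one cipher line with the weakness classes a thorough server check needs
# on the client side. Prints a space-separated subset of:
#   sslv2 des56 export rc4 null
classify_cipher_line() {
    line="$1"
    tags=""
    case "$line" in *SSLv2*)          tags="$tags sslv2";;  esac
    case "$line" in *"Enc=DES(56)"*)  tags="$tags des56";;  esac
    case "$line" in *"Enc=DES(40)"*|*"Enc=RC4(40)"*|*"Enc=RC2(40)"*|*" export"*)
                                      tags="$tags export";; esac
    case "$line" in *"Enc=RC4("*)     tags="$tags rc4";;    esac
    case "$line" in *"Enc=None"*)     tags="$tags null";;   esac
    printf '%s' "${tags# }"
}

# Count the classes over a whole cipher list read from stdin.
# A zero in any column means testssl.sh cannot test that class against a server.
summarize_cipher_list() {
    n_sslv2=0; n_des56=0; n_export=0; n_rc4=0; n_null=0
    while IFS= read -r line; do
        for t in $(classify_cipher_line "$line"); do
            case "$t" in
                sslv2)  n_sslv2=$((n_sslv2 + 1));;
                des56)  n_des56=$((n_des56 + 1));;
                export) n_export=$((n_export + 1));;
                rc4)    n_rc4=$((n_rc4 + 1));;
                null)   n_null=$((n_null + 1));;
            esac
        done
    done
    printf 'sslv2=%d des56=%d export=%d rc4=%d null=%d\n' \
        "$n_sslv2" "$n_des56" "$n_export" "$n_rc4" "$n_null"
}

# Answer "which cipher is hexcode 9f?" from a "ciphers -V" list on stdin.
# Accepts 9f, 009f or 0x00,0x9F; prints the cipher name, exit status 1 if unknown.
cipher_by_hexcode() {
    want=$(printf '%s' "$1" | tr 'a-fx' 'A-FX' | sed 's/0X//g; s/,//g')
    while [ ${#want} -lt 4 ]; do want="0$want"; done     # 9F -> 009F
    while IFS= read -r line; do
        case "$line" in *" - "*) ;; *) continue;; esac   # skip non-cipher lines
        code=$(printf '%s' "${line%% - *}" | tr -d ' ' | tr 'a-fx' 'A-FX' \
               | sed 's/0X//g; s/,//g')                  # "0x00,0x9F" -> "009F"
        if [ "$code" = "$want" ]; then
            rest=${line#* - }
            printf '%s\n' "${rest%% *}"                  # first word is the name
            return 0
        fi
    done
    return 1
}

# Run the summary against the client testssl.sh would use:
# $1 if given, else $OPENSSL, else openssl on PATH.
audit_openssl_client() {
    bin="${1:-${OPENSSL:-openssl}}"
    "$bin" ciphers -V 'ALL:COMPLEMENTOFALL' 2>/dev/null | summarize_cipher_list
}

# Usage:  sh audit-openssl.sh [/path/to/openssl64 [hexcode]]
if [ $# -gt 0 ]; then
    audit_openssl_client "$1"
    if [ $# -gt 1 ]; then
        "$1" ciphers -V 'ALL:COMPLEMENTOFALL' | cipher_by_hexcode "$2" \
            || echo "no local cipher with hexcode $2"
    fi
fi
```

Run it once against the distribution's openssl and once against the openssl64 binary from the tarball: if the distribution build reports sslv2=0 and des56=0, every SSLv2 or 56-bit finding testssl.sh would produce against a server is out of reach with that client, which is exactly the case the magenta warning flags.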
Don't try outdated OpenSSL versions before 1.0. Those versions are deprecated and you likely will not get very far. They are still kind of supported though, but their days are numbered.
Feedback, bugs and contributions are appreciated, see contact in testssl.sh.
I post all significant updates on Twitter.