Forum Discussion

jaikumar_f5's avatar
Jul 22, 2017

Find SSL/Tls Versions Supported || Script

Hi Folks,

Well I'm in need of some offline tool or some script that could help me complete my analysis on the SSL/TLs protocols that my end servers are supporting.

Currently I have some default serverssl profiles to most of the VS. Everything seem to go good. But I'm going to move away default and start using custom serverssl profile which would have just TLs1_2 supporting.

Dont intend to apply this before verifying that end servers are stopped supporting tls1 & tls1_1 and just support tls1_2. At present, I'm using the below one by one to confirm it. Note there are 1000's of servers to be tested.

openssl s_client -host  -port 443 -sslv3
openssl s_client -host  -port 443 -tls1
openssl s_client -host  -port 443 -tls1_1
openssl s_client -host  -port 443 -tls1_2

I tried with nmap, its taking time. Is there any simpler script that can verify all SSL/TLs protocols of multiple provided serverip's running on different ports as an input.

Also tried to use curl and grep something, had bad luck with it...

No RepliesBe the first to reply