Is there an easy way to check SSL cipher preference from the command-line?

linux security centos ssl
8,140

Currently, I believe the only way to do this is to manually check the different ciphers with openssl s_client.

Preferred ciphers are easy enough, just connect with no -cipher option and the cipher that's used is likely the server's preferred (as long as it's in openssl's default cipher list).

Auditing what ciphers are supported is more legwork, as you'll need to manually specify each cipher that you want to test with the -cipher option (openssl ciphers will show you your options) and see if you can connect. There is an outstanding feature request against OpenSSL to add cipher discovery for this purpose, but that's of no help at the moment.

Share:
8,140

Related videos on Youtube

Mike B
Author by

Mike B

Technology Enthusiast, Gamer, Sci-Fi Addict, and DIY-er in training. =)

Updated on September 18, 2022

Comments

  • Mike B
    Mike B over 1 year

    CentOS 5.x

    I want to confirm which SSL ciphers are supported and preferred on my web server. Is there an easy way to do this WITHOUT using third-party audit software/equipment? I was hoping for something in openssl. Unfortunately, the web server is locked down so other third-party online tools like Qualys SSL Test won't work.

  • plasmid87
    plasmid87 about 12 years
    A script has been posted on superuser, which should automate the process using locally available ciphers.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to upgrade OpenSSL in CentOS 6.5 / Linux / Unix from source?
Am i hacked? unknown processes dsfref, gfhddsfew, dsfref etc are starting automatically in centos 6.5
What does "Require all granted" on Directory / (root) REALY means? (Apache 2.4 on CentOS7
iptables blocking from internet side on eth1?
How to disable TCP SACK for CentOS?
Why do I have untrusted certificates for Google, Yahoo, Mozilla and others?
nginx - 403 Forbidden
Why firewalld doesn't apply my drop rule?
Reset firewalld rules to default?
StartSSL cert doesn't work with Dovecot/OpenSMTPD