14 June 2007

detecting SSL version accepted by Web server

If you want to detect SSL version accepted by web server, you can use the free OpenSSL.
For the Windows version:
http://www.slproweb.com/download/Win32OpenSSL_Light-0_9_8e.exe

Then the syntax is:
openssl s_client -connect www.google.fr:443


By default, it will use the best crypto. You can restrict to only SSL V2:
openssl s_client -connect www.google.fr:443 -ssl2

Or SSLV3:
openssl s_client -connect www.google.fr:443 -ssl3


One interesting thing is the cypher accepted by the other peer:

---
Ciphers common between both SSL endpoints:
RC4-MD5 EXP-RC4-MD5 RC2-CBC-MD5
EXP-RC2-CBC-MD5 DES-CBC-MD5 DES-CBC3-MD5
---
SSL handshake has read 1004 bytes and written 239 bytes
---
New, SSLv2, Cipher is DES-CBC3-MD5
Server public key is 1024 bit
Compression: NONE
Publié par lordoftheping à 17:16
Libellés : , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)