Support
- Advanced Backup
- Client Side
- Cloud Enterprise
- ColdFusion
- Control Panel
- cPanel
- Customer Portal
- DNS Information
- Dedicated Servers
- DirectAdmin
- Domain Name
- dotDefender
- Dreamweaver
- FileCatalyst
- Front Page
- FTP
- General Information
- Hosted Exchange & SharePoint
- IIS6
- IIS7
- Juniper Netscreen Firewalls
- Linux
- List Server
- MIVA Merchant
- MySQL
- Patching / Server Updates
- phpMyAdmin
- Plesk
- Policies and Procedures
- Premium Spam Filtering
- Programming
- Ruby on Rails
- Search Engine Submission
- SharePoint 3
- SharePoint 2010
- SiteDesigner
- SmarterMail 3
- SmarterMail 4
- SmarterMail 5
- SmarterMail 6
- SmarterMail 7
- SmarterStats
- SmarterTrack
- SQL Server
- Secure Socket Layer (SSL)
- Googlecheckout
- Siteseal
- Ssl
- Enable SSL/TLS for proFTPd in Plesk
- Export SSLs from IIS 6 and IIS 7
- Disable SSL 2.0 in IIS
- Disable SSL 2.0 in Apache
- Check validity of SSL Certificate
- Generate a CSR in IIS
- Generate a CSR on a Linux Server
- Create a PFX File using openssl in Linux
- Generate a Self-signed SSL in Linux
- Install SSL from PFX into IIS
- SSL FAQ
- View SSL Details via Command Line
- Install SSL on cPanel with One IP Address
- Trustwave Site Seal Errors
- Uploading Your Website
- Video Tutorials
- Windows Server 2003
- Windows Server 2008
- Web Design
- WordPress
- Advanced Monitoring
- MediaWiki
- Enkompass
- Microsoft Outlook 2010
- Android
- Outlook Web Access
- Critical Availability Service
- NAS Data Transfer
- Customer Portal Demos
- Joomla
- Moodle
- Cloud Dedicated
- Gallery CMS
- phpBB
- Standard Monitoring
- Righteous Restore
- NAS (Network Attached Storage)
- Networking
- SmarterMail 8
- PCI Security Scan
- LinkTiger
- Windows Cloud VPS
- Linux Cloud VPS
- Linux VPS
- Windows VPS
- Hyper V
- ENSIM
- Alert Logic
- Webmin
- e107
- Vbulletin
- VPN
- Visual Vault
- Mozilla Thunderbird
- PyroCMS
- Active Directory
- Vmware Related
- Drupal
View SSL Details via Command Line
This article will discuss viewing the details of an installed SSL via command line. Provided will be various commands for testing the strength of the SSL and commands for testing if the SSL passes compliance.
SSLv2 Disabled:
Run the following via command line:
openssl s_client -connect www.domain.com:443 -ssl2
Should return:
CONNECTED(00000003)
14918:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428:
Alternatively, you can run the following via command line:
curl -Iv2 https://www.domain.com
This should return the following:
* About to connect() to www.domain.com port 443
* Trying 1.2.3.4... connected * Connected to www.domain.com (1.2.3.4) port 443 * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSLv2, Client hello (1): Unknown SSL protocol error in connection to www.domain.com:443 * Closing connection #0 curl: (35) Unknown SSL protocol error in connection to www.domain.com:443
If the last line errors, it means that SSLv2 is disabled.
Ciphers Test:
Run the following command:
openssl s_client -connect www.domain.com:443 –cipher NULL
This should return a result similar to the following if NULL ciphers are not accepted:
CONNECTED(00000003)
3716:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:562:
You can also change the command to use LOW, MEDIUM, HIGH, or FIPS in place of NULL in the example above. This will test for those ciphers respectively and report the result in the same manner.