today I want to show some interesting tools for testing sites and their SSL certificates.
the idea here is to check whether the SSL/TLS configuration on our web server or reverse proxy is up to standard.
sslscan
installing via homebrew
brew install sslscan
running a scan against bolha.us
sslscan bolha.us
output
version: 2.1.3
OpenSSL 3.3.0 9 Apr 2024
Connected to 144.217.95.91
Testing SSL server bolha.us on port 443 using SNI name bolha.us
SSL/TLS Protocols:
SSLv2 disabled
SSLv3 disabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 enabled
TLSv1.3 enabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
TLS renegotiation:
Session renegotiation not supported
TLS Compression:
OpenSSL version does not support compression
Rebuild with zlib1g-dev package for zlib support
Heartbleed:
TLSv1.3 not vulnerable to heartbleed
TLSv1.2 not vulnerable to heartbleed
Supported Server Cipher(s):
Preferred TLSv1.3 256 bits TLS_AES_256_GCM_SHA384 Curve P-521 DHE 521
Accepted TLSv1.3 256 bits TLS_CHACHA20_POLY1305_SHA256 Curve P-521 DHE 521
Accepted TLSv1.3 128 bits TLS_AES_128_GCM_SHA256 Curve P-521 DHE 521
Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-521 DHE 521
Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-521 DHE 521
Accepted TLSv1.2 256 bits ECDHE-RSA-CHACHA20-POLY1305 Curve P-521 DHE 521
Server Key Exchange Group(s):
TLSv1.3 192 bits secp384r1 (NIST P-384)
TLSv1.3 260 bits secp521r1 (NIST P-521)
TLSv1.2 192 bits secp384r1 (NIST P-384)
TLSv1.2 260 bits secp521r1 (NIST P-521)
SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength: 2048
Subject: bolha.us
Altnames: DNS:*.bolha.us, DNS:bolha.us
Issuer: R3
Not valid before: May 9 23:23:16 2024 GMT
Not valid after: Aug 7 23:23:15 2024 GMT
the output is easy to read and helps us fix problems; it is not very detailed, but it already gives a good view of things.
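To turn a report like the one above into a pass/fail check, this added example (not part of the original post or of sslscan) parses the sslscan text output and flags legacy protocols, non-AEAD or sub-128-bit ciphers, and a certificate close to expiry. The function name, the AEAD-only cipher policy and the 30-day threshold are assumptions, and the second sample report is constructed.

```python
import re
from datetime import datetime, timezone

ANSI = re.compile(r"\x1b\[[0-9;]*m")  # sslscan colours its terminal output
PROTO = re.compile(r"^(SSLv[23]|TLSv1\.[0-3])\s+(enabled|disabled)$")
CIPHER = re.compile(r"^(?:Preferred|Accepted)\s+(\S+)\s+(\d+) bits\s+(\S+)")
NOT_AFTER = re.compile(r"^Not valid after:\s+(.+?)\s+GMT$")
LEGACY = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}
AEAD_MARKERS = ("GCM", "CHACHA20", "CCM")  # assumed policy: AEAD suites only

def audit_sslscan(text, now, min_days=30):
    """Return a list of findings for one sslscan text report (empty = pass)."""
    findings, modern = [], False
    for raw in text.splitlines():
        line = ANSI.sub("", raw).strip()
        if m := PROTO.match(line):
            proto, state = m.groups()
            if state == "enabled" and proto in LEGACY:
                findings.append(f"legacy protocol enabled: {proto}")
            modern = modern or (state == "enabled" and proto not in LEGACY)
        elif m := CIPHER.match(line):
            proto, bits, name = m.groups()
            if int(bits) < 128 or not any(k in name for k in AEAD_MARKERS):
                findings.append(f"weak cipher on {proto}: {name}")
        elif m := NOT_AFTER.match(line):
            expiry = datetime.strptime(m.group(1), "%b %d %H:%M:%S %Y")
            days = (expiry.replace(tzinfo=timezone.utc) - now).days
            if days < min_days:
                findings.append(f"certificate expires in {days} days")
    if not modern:
        findings.append("neither TLSv1.2 nor TLSv1.3 is enabled")
    return findings

# Excerpt of the bolha.us report shown above.
PAGE_REPORT = """\
TLSv1.1 disabled
TLSv1.2 enabled
TLSv1.3 enabled
Preferred TLSv1.3 256 bits TLS_AES_256_GCM_SHA384 Curve P-521 DHE 521
Accepted TLSv1.2 256 bits ECDHE-RSA-CHACHA20-POLY1305 Curve P-521 DHE 521
Not valid after: Aug 7 23:23:15 2024 GMT"""
# Constructed report for a misconfigured host (not from the page).
BAD_REPORT = """\
TLSv1.0 enabled
TLSv1.2 enabled
Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve 25519 DHE 253
Not valid after: Jun 10 12:00:00 2024 GMT"""
SCAN_TIME = datetime(2024, 5, 27, 18, 44, tzinfo=timezone.utc)  # time of the page's scan
if __name__ == "__main__":
    print(audit_sslscan(PAGE_REPORT, SCAN_TIME), audit_sslscan(BAD_REPORT, SCAN_TIME))
```

In a scheduled job, a non-empty list is the signal to fail the run or raise an alert.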
testssl
brew install testssl
running a scan against bolha.us
testssl.sh bolha.us
output
No engine or GOST support via engine with your /opt/homebrew/opt/openssl@3/bin/openssl
###########################################################
testssl.sh 3.0.8 from https://testssl.sh/
This program is free software. Distribution and
modification under GPLv2 permitted.
USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
Please file bugs @ https://testssl.sh/bugs/
###########################################################
Using "OpenSSL 3.3.0 9 Apr 2024 (Library: OpenSSL 3.3.0 9 Apr 2024)" [~69 ciphers]
on Sunny:/opt/homebrew/opt/openssl@3/bin/openssl
(built: "Apr 9 12:12:22 2024", platform: "darwin64-arm64-cc")
Start 2024-05-27 18:44:39 -->> 144.217.95.91:443 (bolha.us) <<--
rDNS (144.217.95.91): vps-09521806.vps.ovh.ca.
Service detected: HTTP
Testing protocols via sockets except NPN+ALPN
SSLv2 not offered (OK)
SSLv3 not offered (OK)
TLS 1 not offered
TLS 1.1 not offered
TLS 1.2 offered (OK)
TLS 1.3 offered (OK): final
NPN/SPDY not offered
ALPN/HTTP2 h2, http/1.1 (offered)
Testing cipher categories
NULL ciphers (no encryption) not offered (OK)
Anonymous NULL Ciphers (no authentication) not offered (OK)
Export ciphers (w/o ADH+NULL) not offered (OK)
LOW: 64 Bit + DES, RC[2,4] (w/o export) not offered (OK)
Triple DES Ciphers / IDEA not offered
Obsolete CBC ciphers (AES, ARIA etc.) not offered
Strong encryption (AEAD ciphers) offered (OK)
Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
PFS is offered (OK) TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-CHACHA20-POLY1305 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256
Elliptic curves offered: secp384r1 secp521r1
Testing server preferences
Has server cipher order? noyes (OK) -- TLS 1.3 and below
Negotiated protocol TLSv1.3
Negotiated cipher TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
Cipher order
TLSv1.2: ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305
TLSv1.3: TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256
Testing server defaults (Server Hello)
TLS extensions (standard) "renegotiation info/#65281" "server name/#0" "EC point formats/#11" "status request/#5"
"supported versions/#43" "key share/#51" "max fragment length/#1"
"application layer protocol negotiation/#16" "extended master secret/#23"
Session Ticket RFC 5077 hint no -- no lifetime advertised
SSL Session ID support yes
Session Resumption Tickets no, ID: yes
TLS clock skew Random values, no fingerprinting possible
Signature Algorithm SHA256 with RSA
Server key size RSA 2048 bits
Server key usage Digital Signature, Key Encipherment
Server extended key usage TLS Web Server Authentication, TLS Web Client Authentication
Serial 0336FF7DB32A882837BB8D1D791BBEE83FBF (OK: length 18)
Fingerprints SHA1 3716ABB14E60606D6F40316A4CE9DB1ECD0A38FE
SHA256 BBA4737C05193C99C1D40478BDE0E0E69FE9948B1106B16DD511927790DD3BFB
Common Name (CN) bolha.us (CN in response to request w/o SNI: bolha.blog )
subjectAltName (SAN) *.bolha.us bolha.us
Issuer R3 (Let's Encrypt from US)
Trust (hostname) Ok via SAN (SNI mandatory)
Chain of trust Ok
EV cert (experimental) no
ETS/"eTLS", visibility info not present
Certificate Validity (UTC) 72 >= 30 days (2024-05-09 23:23 --> 2024-08-07 23:23)
# of certificates provided 2
Certificate Revocation List --
OCSP URI http://r3.o.lencr.org
OCSP stapling offered, not revoked
OCSP must staple extension --
DNS CAA RR (experimental) available - please check for match with "Issuer" above: issue=letsencrypt.org
Certificate Transparency yes (certificate extension)
Testing HTTP header response @ "/"
HTTP Status Code 200 OK
HTTP clock skew 0 sec from localtime
Strict Transport Security 730 days=63072000 s, includeSubDomains
Public Key Pinning --
Server banner Mastodon
Application banner --
Cookie(s) (none issued at "/")
Security headers X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Security-Policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none';
font-src 'self' https://bolha.us; img-src 'self' https: data: blob: https://bolha.us;
style-src 'self' https://bolha.us 'nonce-itY5bK+IRi3Upw4iF9lusw=='; media-src 'self'
https: data: https://bolha.us; frame-src 'self' https:; manifest-src 'self'
https://bolha.us; form-action 'self'; child-src 'self' blob: https://bolha.us;
worker-src 'self' blob: https://bolha.us; connect-src 'self' data: blob:
https://bolha.us https://cdn.bolha.us wss://bolha.us; script-src 'self'
https://bolha.us 'wasm-unsafe-eval'
Referrer-Policy: same-origin
Cache-Control: max-age=15, public, stale-while-revalidate=30, stale-if-error=86400
X-XSS-Protection: 0
Reverse Proxy banner X-Cached: HIT
Testing vulnerabilities
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
CCS (CVE-2014-0224) not vulnerable (OK)
Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session ticket extension
ROBOT Server does not support any cipher suites that use RSA key transport
Secure Renegotiation (RFC 5746) supported (OK)
Secure Client-Initiated Renegotiation not vulnerable (OK)
CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
BREACH (CVE-2013-3587) potentially NOT ok, "gzip" HTTP compression detected. - only supplied "/" tested
Can be ignored for static pages or if no secrets in the page
POODLE, SSL (CVE-2014-3566) not vulnerable (OK), no SSLv3 support
TLS_FALLBACK_SCSV (RFC 7507) No fallback possible (OK), no protocol below TLS 1.2 offered
SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)
FREAK (CVE-2015-0204) not vulnerable (OK)
DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
make sure you don't use this certificate elsewhere with SSLv2 enabled services
https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=BBA4737C05193C99C1D40478BDE0E0E69FE9948B1106B16DD511927790DD3BFB
LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
BEAST (CVE-2011-3389) not vulnerable (OK), no SSL3 or TLS1
LUCKY13 (CVE-2013-0169), experimental not vulnerable (OK)
RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
Testing 370 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (IANA/RFC)
-----------------------------------------------------------------------------------------------------------------------------
x1302 TLS_AES_256_GCM_SHA384 ECDH 521 AESGCM 256 TLS_AES_256_GCM_SHA384
x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 521 ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256
xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 521 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
xcca8 ECDHE-RSA-CHACHA20-POLY1305 ECDH 521 ChaCha20 256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
x1301 TLS_AES_128_GCM_SHA256 ECDH 521 AESGCM 128 TLS_AES_128_GCM_SHA256
xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 521 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Running client simulations (HTTP) via sockets
Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384)
Android 7.0 (native) No connection
Android 8.1 (native) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384)
Android 9.0 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 384 bit ECDH (P-384)
Android 10.0 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 384 bit ECDH (P-384)
Android 11 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 384 bit ECDH (P-384)
Android 12 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 384 bit ECDH (P-384)
Chrome 79 (Win 10) TLSv1.3 TLS_AES_256_GCM_SHA384, 384 bit ECDH (P-384)
Chrome 101 (Win 10) TLSv1.3 TLS_AES_256_GCM_SHA384, 384 bit ECDH (P-384)
Firefox 66 (Win 8.1/10) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
Firefox 100 (Win 10) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
IE 6 XP No connection
IE 8 Win 7 No connection
IE 8 XP No connection
IE 11 Win 7 No connection
IE 11 Win 8.1 No connection
IE 11 Win Phone 8.1 No connection
IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384)
Edge 15 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384)
Edge 101 Win 10 21H2 TLSv1.3 TLS_AES_256_GCM_SHA384, 384 bit ECDH (P-384)
Safari 12.1 (iOS 12.2) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
Safari 13.0 (macOS 10.14.6) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
Safari 15.4 (macOS 12.3.1) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
Java 7u25 No connection
Java 8u161 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 521 bit ECDH (P-521)
Java 11.0.2 (OpenJDK) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
Java 17.0.3 (OpenJDK) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
go 1.17.8 TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
LibreSSL 2.8.3 (Apple) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384)
OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 521 bit ECDH (P-521)
OpenSSL 1.1.0l (Debian) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 521 bit ECDH (P-521)
OpenSSL 1.1.1d (Debian) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
OpenSSL 3.0.3 (git) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
Apple Mail (16.0) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 521 bit ECDH (P-521)
Thunderbird (91.9) TLSv1.3 TLS_AES_256_GCM_SHA384, 521 bit ECDH (P-521)
Done 2024-05-27 18:48:11 [0214s] -->> 144.217.95.91:443 (bolha.us) <<--
this is another project, and it produces absurdly detailed output about our site, certificate and SSL/TLS configuration.
I would venture to say it is a test equivalent to Qualys's ssllabs (ssllabs.com/ssltest).
here we can even see which devices we are able to serve with our current configuration.
ssllabs-scan
installing via homebrew
brew install ssllabs-scan
running a scan against bolha.photos
ssllabs-scan -grade https://bolha.photos
output
2024/05/27 18:54:13 [INFO] SSL Labs v2.3.0 (criteria version 2009q)
2024/05/27 18:54:13 [NOTICE] Server message: This assessment service is provided free of charge by Qualys SSL Labs, subject to our terms and conditions: https://www.ssllabs.com/about/terms.html
2024/05/27 18:54:16 [INFO] Assessment starting: https://bolha.photos
2024/05/27 18:55:15 [INFO] Assessment complete: https://bolha.photos (1 host in 56 seconds)
144.217.95.91: A+
HostName:"https://bolha.photos"
"144.217.95.91":"A+"
the cli output is rather thin, but afterwards you can open the result on the web to see it in detail; it stays cached.
ssllabs is one of the best-known SSL tests on the market, quite detailed, and it gives your site a score; it is one of the most used and most trusted by professionals.
other tools that may be useful
cli tools
web tools
read the recommendations
Normally, depending on the scan result, the tools will show recommendations on how to improve your configuration; pay attention to the output of each tool.
websites for checking
look closely at the recommendations from the two above; they are very thorough.
checking ciphers
ssl configuration
refs
Enjoyed the content?
You can also find me on these networks!
Mastodon
@gutocarvalho@bolha.us