1 min read

Check a webserver's cipher suites

Today we wrote a simple shell script to query an SSL enabled webserver. Pretty fun to have in the aresenal, it looks like this:

Let’s run it against our site and see what we get:

$ ./ssl_cipher_test.sh fak3r.com
tls1_2: ECDHE-RSA-AES256-SHA
tls1_2: AES256-SHA
tls1_2: ECDHE-RSA-AES128-GCM-SHA256
tls1_2: ECDHE-RSA-AES128-SHA
tls1_2: AES128-GCM-SHA256
tls1_2: AES128-SHA

So what do you think?

Not bad