SSL Check

Nmap NSE script added for testing of the recently discovered Heartbleed vulnerability. No guarantees are made but so far testing has had good results.

Check SSL services for vulnerabilities and known weak ciphers with this online scan. Makes use of OpenSSL libraries and Nmap NSE scripts to determine the SSL certificate details and implementation of a web server.

There are known vulnerabilities and cryptographic weakness with certain SSL implementations such as SSLv2 and 40 bit ciphers. This test enables a service to be easily tested for known security problems with the SSL in use.

Launch SSL weak cipher check

Access to scanning is restricted.

Basic Membership is required to use this online security scanner. Immediate access is available to new members or login now if you have a valid membership.

Member Login Scan Membership

  • Test for Heartbleed Vulnerability
  • Get details of a SSL certificate.
  • Detect weak ciphers and SSLv2, a version of SSL with known security vulnerabilities.

About SSL Certificate Checking

SSL (and TLS) provide encrypted communication over the Internet, SSL 2.0 has known vulnerabilities and it is recommended that it no longer be used. PCI compliance for example also mandates that the version SSL 2.0 not be used and the version must be SSL 3.0.

While it can be used for any TCP based service such as FTP, NNTP, SMTP – it is most commonly used to encrypt web traffic. User awareness has become such that non-technical users are aware of the importance of the HTTPS in the URL and the “padlock” in the browser status bar when browsing secure sites such as Internet banking and email.

Using nmap and openssl this online test will query an SSL enabled IP or web address and gather details of the SSL Certificate that is being used. SSL on IIS or Apache or any other web servers will be queried. Nmap NSE scripts are used for the SSL Check, they will determine details of the certificate as well as the version of ciphers in use and whether they are SSL 3.0 or SSL 2.0. PCI Compliance requires that SSL version 3.0 be used and SSL 2.0 is disabled.