Check SSL for vulnerable versions and known weak ciphers with this online scan. Makes use of openssl libraries and nmap scripts to determine the SSL certificate details and implementation of a web server.
There are known vulnerabilities and cryptographic weakness with certain SSL implementations such as SSLv2 and 40 bit ciphers. This scan enables a web server to be easily tested for known security problems with the SSL in use.
Start SSL Check and Testing
Access to scanning is restricted.
- Find details of a websites SSL certificate.
- Detect weak ciphers in use by an SSL implementation, that may pose a security risk to the system.
- Discover SSLv2, a version of SSL with known security vulnerabilities.
About SSL Certificate Checking
SSL (and TLS) provide encrypted communication over the Internet, SSL 2.0 has known vulnerabilities and it is recommended that it no longer be used. PCI compliance for example also mandates that the version SSL 2.0 not be used and the version must be SSL 3.0.
While it can be used for any TCP based service such as FTP, NNTP, SMTP – it is most commonly used to encrypt web traffic. User awareness has become such that non-technical users are aware of the importance of the HTTPS in the URL and the “padlock” in the browser status bar when browsing secure sites such as Internet banking and email.
Recent news has included efforts by Facebook and Twitter to implement full SSL based sessions, to protect against session hijacking (firesheep) and snooping by governments of oppressive regimes.