########################################################### testssl.sh 3.0 from https://testssl.sh/ This program is free software. Distribution and modification under GPLv2 permitted. USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK! Please file bugs @ https://testssl.sh/bugs/ ########################################################### Using "OpenSSL 1.1.1c FIPS 28 May 2019" [~85 ciphers] on testssl-867d6dc689-l5gt4:/usr/bin/openssl (built: "Mar 5 10:03:36 2020", platform: "linux-x86_64") Start 2020-07-27 20:38:25 -->> 172.30.66.252:9080 (reviews) <<-- rDNS (172.30.66.252): reviews.example-bookinfo.svc.cluster.local. Service detected: certificate-based authentication => skipping all HTTP checks Testing protocols via sockets except NPN+ALPN SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 not offered TLS 1.1 not offered TLS 1.2 offered (OK) TLS 1.3 not offered and downgraded to a weaker protocol NPN/SPDY not offered ALPN/HTTP2 h2, http/1.1 (offered) Testing cipher categories NULL ciphers (no encryption) not offered (OK) Anonymous NULL Ciphers (no authentication) not offered (OK) Export ciphers (w/o ADH+NULL) not offered (OK) LOW: 64 Bit + DES, RC[2,4] (w/o export) not offered (OK) Triple DES Ciphers / IDEA not offered Obsolete: SEED + 128+256 Bit CBC cipher not offered Strong encryption (AEAD ciphers) offered (OK) Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 PFS is offered (OK) ECDHE-RSA-AES128-GCM-SHA256 Elliptic curves offered: prime256v1 secp384r1 Testing server preferences Has server cipher order? yes (OK) Negotiated protocol TLSv1.2 Negotiated cipher ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Cipher order TLSv1.2: ECDHE-RSA-AES128-GCM-SHA256 Testing server defaults (Server Hello) TLS extensions (standard) "renegotiation info/#65281" "EC point formats/#11" "session ticket/#35" "max fragment length/#1" "application layer protocol negotiation/#16" "extended master secret/#23" Session Ticket RFC 5077 hint no -- no lifetime advertised SSL Session ID support yes Session Resumption Tickets no, Client Auth: ID resumption test not supported TLS clock skew Random values, no fingerprinting possible Signature Algorithm SHA256 with RSA Server key size RSA 2048 bits Server key usage Digital Signature, Key Encipherment Server extended key usage TLS Web Server Authentication, TLS Web Client Authentication Serial / Fingerprints 79EB4723DF7FFFB5B49486E1D2A9EA4A / SHA1 1CA63522558099222967322AB7A13B518633B625 SHA256 AFDC39AA4236017399B3C568AEC1A75085C1282E4C43C0190D6B6B5FD69C7F70 Common Name (CN) (no CN field in subject) subjectAltName (SAN) spiffe://cluster.local/ns/example-bookinfo/sa/bookinfo-reviews Issuer (cluster.local) Trust (hostname) certificate does not match supplied URI (same w/o SNI) Chain of trust NOT ok (self signed CA in chain) EV cert (experimental) no ETS/"eTLS", visibility info not present Certificate Validity (UTC) 89 >= 60 days (2020-07-27 15:10 --> 2020-10-25 15:10) # of certificates provided 2 Certificate Revocation List -- OCSP URI -- NOT ok -- neither CRL nor OCSP URI provided OCSP stapling not offered OCSP must staple extension -- DNS CAA RR (experimental) not offered Certificate Transparency -- Testing vulnerabilities Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension CCS (CVE-2014-0224) not vulnerable (OK) Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session tickets ROBOT Server does not support any cipher suites that use RSA key transport Secure Renegotiation (RFC 5746) supported (OK) Secure Client-Initiated Renegotiation client x509-based authentication prevents this from being tested CRIME, TLS (CVE-2012-4929) not vulnerable (OK) BREACH (CVE-2013-3587) cannot be tested (server side requires x509 authentication) failed (HTTP header request stalled or empty return) POODLE, SSL (CVE-2014-3566) not vulnerable (OK), no SSLv3 support TLS_FALLBACK_SCSV (RFC 7507) No fallback possible (OK), no protocol below TLS 1.2 offered SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK) FREAK (CVE-2015-0204) not vulnerable (OK) DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK) make sure you don't use this certificate elsewhere with SSLv2 enabled services https://censys.io/ipv4?q=AFDC39AA4236017399B3C568AEC1A75085C1282E4C43C0190D6B6B5FD69C7F70 could help you to find out LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2 BEAST (CVE-2011-3389) not vulnerable (OK), no SSL3 or TLS1 LUCKY13 (CVE-2013-0169), experimental not vulnerable (OK) RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK) Testing 370 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (IANA/RFC) ----------------------------------------------------------------------------------------------------------------------------- xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 384 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Could not determine the protocol, only simulating generic clients. Running client simulations via sockets Android 4.4.2 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Android 7.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Android 8.1 (native) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Android 9.0 (native) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Android 10.0 (native) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Chrome 74 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Chrome 79 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Firefox 66 (Win 8.1/10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Firefox 71 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) IE 6 XP No connection IE 8 Win 7 No connection IE 8 XP No connection IE 11 Win 7 No connection IE 11 Win 8.1 No connection IE 11 Win Phone 8.1 No connection IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Edge 15 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Edge 17 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Opera 66 (Win 10) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Safari 9 iOS 9 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Safari 12.1 (iOS 12.2) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Safari 13.0 (macOS 10.14.6) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Java 6u45 No connection Java 7u25 No connection Java 8u161 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Java 11.0.2 (OpenJDK) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Java 12.0.1 (OpenJDK) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) OpenSSL 1.1.0l (Debian) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) OpenSSL 1.1.1d (Debian) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Thunderbird (68.3) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384) Done 2020-07-27 20:39:30 [ 67s] -->> 172.30.66.252:9080 (reviews) <<--