Loading...

Course Content

Total learning: 21 lessons Time: 2 hours

Confirm TLS 1.2 Protocols are Enabled

There are several options to test your site for TLS 1.2 Protocols.

Option 1: Use SSL Labs for external testing

To quickly test external facing servers, it’s possible to use the free online service from Qualys SSL Labs. This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.  https://www.ssllabs.com/ssltest/index.html

Option 2: Use SSLyze for internal testing

SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers.

1. Visit: https://github.com/nabla-c0d3/sslyze

2. Download the appropriate files

3. Windows compatible exe can be found on this page: https://github.com/nabla-c0d3/sslyze/releases

4. Open an administrative command prompt and navigate to the location of SSLyze

5. Run the following command: exe –regular 10.0.70.35:443  (Change IP above to server IP or host name)

Results should indicate that the server rejected all cypher suites for every protocol except for TLS 1.2

Was this Information helpful?