So if you were following closely on recent developments regarding SSL/TLS security, you might have heard that Qualys SSL labs released an API to automate the testing of internet hosted applications with their awesome hosted testing solution.
If you have not heard about it here is the location to their server testing page - https://www.ssllabs.com/ssltest/
And their API documentation here - https://github.com/ssllabs/ssllabs-scan/blob/master/ssllabs-api-docs.md
So now that the API is released you can automate testing of any number of servers with any language that is able to talk with qualys server via HTTP protocol. My company wanted to test all of our servers with SSL labs, so i thought why can't i automate it with python or something. So here it is, i made a multithreaded python script to test a large number of servers in one go and get results in neat format that my management wanted :-)
The script is intended for python 2.7
You can find the script here - https://github.com/moheshmohan/pyssltest
The script takes a text file as input with the urls to servers that you need test listed line by line and it initites ssl lab tests on each of them (25 threads parallel so 25 tests) and based on the result it generates a CSV file with extended information from the results
Please note that the script currently supports only one endpoint per url, i will enhance it in future to iterate through each endpoints, in case of urls with multiple endpoints.
The results will contain the following items each row
Input_URL - The input URL
Domain - The domain
IP - The IP address it resolved to
returncode - The value returned from Qualys server (READY, ERROR etc)
Grade - The Grade as per Qualys rating
Secondary grade - Secondary Grade as per qualys ratingNow it contains these items per each server. Basically these contain Y (yes) or N (no) values and the headings are self explanatory
Freak
Poodle_TLS
Insecure renegotiation
OpenSSL ccs
Insecure DH
SSL v2
Poodle_SSL
wrong domain
cert expired
self signed cert
No TLS1.2?
SSL v3
RC4
cert chain issue
CRIME
forward secrecy not supported?
weak private key?
weak signature
secure renegotiation
TLS 1.0
TLS 1.1
TLS 1.2
Running the script
To run the script you can use the following commandpython pyssltest.py -i inp.txt -o inp.csv -n
I will explain each switches,
-i <filename> :- A text file with target urls listed line by line
-o <filename> :- A csv file to which the output will be written
-n :- Optional, To always initiate new tests. If this is omitted cached results from qualys is fetchedIts pretty simple and fast way to run ssl labs against a bunch of servers.
Please provide some feedback about script on comments below.
Thanks for reading
Your blog is so inspiring for the young generations.thanks for sharing your information with us and please update
ReplyDeletemore new ideas.
JAVA Training in Chennai
JAVA Training in Velachery
Software testing training in chennai
Android Training in Chennai
Selenium Training in Chennai
Hadoop Training in Chennai
JAVA Training in Chennai
Java Training in Tnagar
Hello team ,
ReplyDeleteThanks for your post, i have used the python script to check SSL certificates for some websites, i got this errors, i have checked for several times without success :/
```
Input_URL,Domain,IP,Common Name,Source,Date Added,Portfolio,sub portfolio,ELT,POC,IT Contact,Status,returncode,Grade,Secondary grade,Expected Remediation Date,Grade After Remediation,Actual Remediation Date,Actual Grade after Remediation,Drown (Experimental),Freak,Logjam,Poodle_TLS,Insecure renegotiation,OpenSSL ccs,Insecure DH,SSL v2,SSLv2 SuitesDisabled,Poodle_SSL,wrong domain,cert expired,Ey issued cert,self signed cert,No TLS1.2?,SSL v3,RC4,rc4Only,cert chain issue,Cert chain incomplete,CRIME,forward secrecy not supported?,weak private key?,weak signature,secure renegotiation,TLS 1.0,TLS 1.1,TLS 1.2,Recommendation to raise score to A,Date Last scanned(Auto),Date Manually validated,Comments,Audit teams Comments(New grade as on *),Thumbprint,common names,alternate names
ldeb.fr,ldeb.fr,[Errno 2] No such file or directory: 'results/ldeb.fr.txt',READY,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error,Error
```
Could have any suggestions plz
Regards
This article is increasing the interest to learn more about this topic. Continue the sharing your new updates, regularly for my future.
ReplyDeleteLinux Training in Chennai
Learn Linux
Spark Training in Chennai
Oracle Training in Chennai
JMeter Training in Chennai
Appium Training in Chennai
Power BI Training in Chennai
Embedded System Course Chennai
Pega Training in Chennai
Linux Training in Thiruvanmiyur
The article is so informative. This is more helpful for our
ReplyDeletesoftware testing training institute in chennai with placement
selenium training in chennai
software testing course in chennai with placement
magento training course in chennai
Thanks for sharing.
Awesome post. I am a normal visitor of your blog and appreciate you taking the time to maintain the excellent site. I’ll be a frequent visitor for a long time.
ReplyDeleteACP Sheet
ACP Sheet Price
Aluminium Composite Panel
ACP Panel
ACP Sheets
I like the helpful info you provide in your articles. I’ll bookmark your weblog and check again here regularly. I am quite sure I will learn much new stuff right here! Good luck for the next!
ReplyDeleteWeb Designing Training Institute in Chennai | web designing and development course | web design and programming courses
Web Designing Course in Chennai | Web Designing Training in Chennai
Web Designing Training Institute in Chennai | Web Designing courses in Chennai with Placement
Mobile Application Development Courses in chennai
The blog you shared is very good. I expect more information from you like this blog. Thankyou.
ReplyDeleteArtificial Intelligence Course in Chennai
ai courses in chennai
artificial intelligence training in chennai
ai classes in chennai
best artificial intelligence training in chennai
Hadoop Training in Bangalore
salesforce training in bangalore
Python Training in Bangalore
Pretty blog, so many ideas in a single site, thanks for the informative article, keep updating more article.
ReplyDeleteJAVA Training in Chennai
JAVA Course in Chennai
Java Training in Bangalore
Java Course in Bangalore
Java Training in Coimbatore
Java Course in Coimbatore
Java Course in Madurai
Java Training in Madurai
Thanks for this wonderful blog. keep update more information about this
ReplyDeleteEthical Hacking Course in Chennai
Hacking Course in Chennai
Ethical hacking course in bangalore
Ethical hacking course in coimbatore
Ethical Hacking Training in Chennai
Certified Ethical Hacking Course in Chennai
Ethical Hacking Training Institute in Chennai
Ethical hacking Training institute in bangalore
Software Testing Training in Chennai
ielts coaching centre in coimbatore
http://0link.mihanblog.com
ReplyDeletehttp://3dcg.mihanblog.com
http://3djewellery.mihanblog.com
http://3djewelry.mihanblog.com
http://3dkid.mihanblog.com
http://3dkids.mihanblog.com
http://3dwomen.mihanblog.com
http://abrastak.mihanblog.com
http://abtintvto.mihanblog.com
http://aeglift.mihanblog.com
http://backlink365.blog.ir
ReplyDeletehttp://barbary-tehran.blog.ir
http://barbary-tehran1.blog.ir
http://batis-co.blog.ir
http://blogerman.blog.ir
http://delphico.blog.ir
http://dreamss.blog.ir
http://fetne.blog.ir
http://freepikdl.blog.ir
http://freepik-dl.blog.ir
Such a great blog.Thanks for sharing.........
ReplyDeleteSoftware Testing Training in Chennai
Software Testing Course in Bangalore
Software Testing Training in Coimbatore
Software Testing Course in Madurai
Best Software Testing Training Institute in Coimbatore
Software Testing Course in Coimbatore
Software Testing Institute in Coimbatore
Hacking Course in Chennai
python course in coimbatore
ReplyDeletejava course in coimbatore
python training in coimbatore
java training in coimbatore
php course in coimbatore
php training in coimbatore
android course in coimbatore
android training in coimbatore
datascience course in coimbatore
datascience training in coimbatore
ethical hacking course in coimbatore
ethical hacking training in coimbatore
artificial intelligence course in coimbatore
artificial intelligence training in coimbatore
digital marketing course in coimbatore
digital marketing training in coimbatore
embedded system course in coimbatore
embeddedsystem training in coimbatore
python course in coimbatore
ReplyDeletepython training in coimbatore
java course in coimbatore
java training in coimbatore
android course in coimbatore
android training in coimbatore
php course in coimbatore
php training in coimbatore
digital marketing course in coimbatore
digital marketing training in coimbatore
software testing course in coimbatore
software testing training in coimbatore
Thanks for sharing informative article. We are one of the reputed removalists Melbourne offer professional home, office and furniture relocation service at affordable service. piano movers Melbourne
ReplyDeletepython course in coimbatore
ReplyDeletepython training in coimbatore
java course in coimbatore
java training in coimbatore
android course in coimbatore
android training in coimbatore
php course in coimbatore
php training in coimbatore
digital marketing course in coimbatore
digital marketing training in coimbatore
software testing course in coimbatore
software testing training in coimbatore