sslscan is an one of the tool check SSL/TLS service, like HTTPS in order to find out the ciphers that are supported. You can get the certificate and output in text and XML formats, also supported version OpenSSL.
If you could not found the command "sslscan", just install into your system by command
ubuntu / Debian,
# sudo apt-get install sslscan
CentOS / Fedora:
# yum install sslscan
# sslscan thelinuxfq.com
# sslscan thelinuxfq.com
_
___ ___| |___ ___ __ _ _ __
/ __/ __| / __|/ __/ _` | '_ \
\__ \__ \ \__ \ (_| (_| | | | |
|___/___/_|___/\___\__,_|_| |_|
sslscan version 1.10.2
OpenSSL 1.0.1e-fips 11 Feb 2013
Testing SSL server thelinuxfq.com on port 443
Supported Client Cipher(s):
DES-CBC3-MD5
IDEA-CBC-MD5
RC2-CBC-MD5
RC4-MD5
DES-CBC-MD5
EXP-RC2-CBC-MD5
EXP-RC4-MD5
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
...
...
Preferred Server Cipher(s):
SSLv3 0 bits (NONE)
TLSv1 256 bits ECDHE-RSA-AES256-SHA
TLS11 256 bits ECDHE-RSA-AES256-SHA
TLS12 256 bits ECDHE-RSA-AES256-GCM-SHA384
SSL Certificate:
Certificate blob:
-----BEGIN CERTIFICATE-----
X509v3 Subject Key Identifier:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
X509v3 CRL Distribution Points:
Full Name:
URI:http://anc.sslprov.com/CERTFIDomainValidationSecureServerCA.crl
Authority Information Access:
CA Issuers - URI:http://crt.sslprov.com/CERTFIDomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sslprov.com
X509v3 Subject Alternative Name:
DNS:www.thelinuxfq.com, DNS:thelinuxfq.com
Also try with below command,
# sslscan thelinuxfq.com:80
# sslscan thelinuxfq.com:25
# sslscan thelinuxfq.com:25
Comments (0)