Quale versione TLS sta usando il tuo sito? Basta il comando openssl lanciato da una macchina Linux che abbia accesso al tuo sito, per scoprirlo. Ecco il comando:
ostrich@myserver:~# openssl s_client -connect www.google.com:443Grazie google! Vediamo l’output del comando (ho rimosso alcune parti):
ostrich@myserver:~# openssl s_client -connect www.google.com:443
CONNECTED(00000003)
depth=0 CN = www.google.com
verify return:1
---
Certificate chain
0 s:CN = www.google.com
---
Server certificate
-----BEGIN CERTIFICATE-----
certificate
-----END CERTIFICATE-----
subject=CN = www.google.com
---
No client certificate CA names sent
SSL handshake has read 4108 bytes and written 396 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
---
read R BLOCK
HTTP/1.0 400 Bad Request
Content-Length: 54
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Oct 2024 10:06:09 GMT
<html><title>Error 400 (Bad Request)!!1</title></html>808B6E37EC7F0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while reading:../ssl/record/rec_layer_s3.c:317:
Come puoi vedere, il sito di questo esempio usa TLS v1.3, qundi col comando:
openssl s_client -connect websitename:port
puoi verificare in modo veloce il livello di sicurezza TLS del tuo sito o del tuo server web.