Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check for weak ciphers #501

Open
matteocorti opened this issue Jan 17, 2024 Discussed in #500 · 1 comment
Open

Check for weak ciphers #501

matteocorti opened this issue Jan 17, 2024 Discussed in #500 · 1 comment
Assignees
@matteocorti
Labels
enhancement

Comments

@matteocorti
Copy link
Owner

Discussed in #500

Originally posted by nickjwest January 17, 2024
Can you add a check that will look for weak ciphers. such as is found using curl on Debian system where there is a default reject of anything below 2048.

  • ALPN, offering h2
  • ALPN, offering http/1.1
  • successfully set certificate verify locations:
  • CAfile: /etc/ssl/certs/ca-certificates.crt
    CApath: /etc/ssl/certs
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • TLSv1.3 (IN), TLS handshake, Server hello (2):
  • TLSv1.2 (IN), TLS handshake, Certificate (11):
  • TLSv1.2 (OUT), TLS alert, bad certificate (554):
  • SSL certificate problem: EE certificate key too weak
  • Closing connection 0
    curl: (60) SSL certificate problem: EE certificate key too weak
    More details here: https://curl.haxx.se/docs/sslcerts.html
@matteocorti matteocorti self-assigned this Jan 17, 2024
@matteocorti
Copy link
Owner Author

Why not ...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@matteocorti matteocorti

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@matteocorti