Debugging issues
In the section, we will learn how to debug common SSL-related issues:
- Know your SSL/TLS server. It's very important how the server is configured, which TLS version is used, and which cipher suites it supports. To do this, use the
nmap
utility as shown:root@bash :/home/ubuntu# nmap --script ssl-cert,ssl-enum-ciphers -p 443 10.0.0.106 Starting Nmap 6.40 ( http://nmap.org ) at 2015-08-03 16:49 UTC Nmap scan report for ip-10-0-0-106.ap-southeast-1.compute.internal (10.0.0.106) Host is up (0.000067s latency). PORT STATE SERVICE 443/tcp open https | ssl-cert: Subject: commonName=ip-10-0-0-106/organizationName=Internet Widgits Pty Ltd/stateOrProvinceName=Some-State/countryName=AU | Issuer: commonName=ip-10-0-0-106/organizationName=Internet ...
Get Packet Analysis with Wireshark now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.