• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 175
  • Last Modified:

Ways to assess https/ssl websites

https://www.ssllabs.com/ssltest

I currently use the above to scan & assess (but without whitelisting).
Are there better ways/tools do assess a https/ssl site?  Some sites
simply cant connect using the above scanning url
0
sunhux
Asked:
sunhux
3 Solutions
 
Kent WSr. Network / Systems AdminCommented:
Can you explain more of what you mean by "can not connect using the above scanning URL"?
If there is something preventing SSL labs from connecting to your sites, this will probably hinder others.
There are other scanners, I'll only list those that check the security / validity of your cert. Some, for instance, are geared towards just checking for correct installation. These actually test SSL security factors.  (That being said, it's very hard to beat Qualys's SSL Labs.)
Others -
https://www.sslshopper.com/ssl-checker.html
https://www.htbridge.com/ssl/
0
 
sunhuxAuthor Commented:
Then I should be looking at other aspects of the secure website like
what Pen Test scans do : Tcp timestamp, folders of the IIS is listable
etc
0
 
Dave BaldwinFixer of ProblemsCommented:
SSL Labs testing makes a lot of requests to the site it is testing.  Some sites reject the requests at times on the basis that it is not a 'normal' method of requesting the site.
0

Featured Post

Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now