Friday, December 16, 2016

how to test various bad ssl

When using  proxy or  SSL inspection devices,  it's vry nice to be able to test for various ssl errors. The site and when use with your  client-browser can assist and help with identifying errors.

 Each browser can exhibit differences in alert or warnings or errors based on; browser type, revision, security settings, any path or MiTM inspection devices, etc.....


badssl  dot com has had this site out for a while & with the means to draft various browser  conditions and by clicking that link you can create that  condition

examples of just some of the conditions

 


( cert expire, sha1, weak dhgrp,etc.....)


So  let's say you want to check your browser  error and function with a expired_certificate & the reported outcome.


( examples )



 FireFox


 Opera


 Chrome



I've used this  site when testing the FortiGate  ssh inspection or other security appliance that handles HTTPs inspections or MiTM. Or to find out if your HTTPS proxy does any  certificate validations.



Ken Felix



kfelix @ socpuppets.com

NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
         o 
        /  \



No comments:

Post a Comment