Test Ciphers in use on a service from linux bash

 

Information

 

Summary:

Create a bash script to test ciphers applied on a service or website.

Environment:

Product:

Version:

Platform: Linux

Application: Bash Shell

Question/Problem Description:

Test ciphers enabled on a service or website

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause: To verify the ciphers in use on a service.
Resolution:

Test the ciphers using the following Bash script from a Linux CLI.

Save the script below to a text file with an .sh extension, for example "filename.sh".

A good text editor is nano.

 

From the Bash shell, do the following:

  1. "touch filename.sh"
  2. "nano filename.sh"

 

Copy the below text into the editor and save the file with "ctrl + o" then exit the editor with "ctrl + x"

_______________________________________________________________________________

 

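#!/usr/bin/env bash
# Usage: ./filename.sh host:port
# OpenSSL requires the port number.

SERVER=$1
DELAY=1

if [[ -z "$SERVER" ]]; then
  echo "Usage: $0 host:port" >&2
  exit 1
fi

# Every cipher this OpenSSL build knows, separated by spaces.
ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g')

echo "Obtaining cipher list from $(openssl version)."

# Note: s_client's -cipher option applies to TLS 1.2 and earlier;
# TLS 1.3 suites are selected with -ciphersuites.
for cipher in $ciphers
do
  echo -n "Testing $cipher..."
  result=$(echo -n | openssl s_client -cipher "$cipher" -connect "$SERVER" 2>&1)
  if [[ "$result" =~ ":error:" ]] ; then
    # $result is left unquoted so the output collapses to one line;
    # field 6 of the OpenSSL error line is the reason text.
    error=$(echo -n $result | cut -d':' -f6)
    echo NO \($error\)
  else
    # Report YES only when s_client names the cipher that was requested.
    if [[ "$result" =~ "Cipher is ${cipher}" || "$result" =~ "Cipher    : ${cipher}" ]] ; then
      echo YES
    else
      echo UNKNOWN RESPONSE
      echo "$result"
    fi
  fi
  sleep $DELAY
done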

______________________________________________________________________________

 

Use "chmod +x filename.sh" to make the file executable

 

Launch with "./filename.sh IP:port" or "./filename.sh FQDN:port" from the Linux bash shell prompt
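
The following is an added example, not part of the original Kemp article: once the script's output has been saved to a file, this filter lists the accepted (YES) ciphers that belong to weak classes. The function names, the sample output and the weakness patterns are assumptions of this example, matched against OpenSSL cipher names.

```bash
#!/usr/bin/env bash
# Added example: triage saved output from the cipher test script above.
# The weakness classes and patterns are this example's own choice.

# Print "<cipher><TAB><reason>" for every accepted (YES) cipher that is weak.
# The ( ) body runs in a subshell so its variables stay local.
weak_accepted() (
  while IFS= read -r line; do
    # Only "Testing <cipher>...YES" lines are accepted ciphers.
    case "$line" in
      "Testing "*...YES) ;;
      *) continue ;;
    esac
    cipher=${line#"Testing "}
    cipher=${cipher%...YES}
    case "$cipher" in
      *NULL*)          reason="no encryption" ;;
      EXP-*|EXP1024-*) reason="export-grade key length" ;;
      ADH-*|AECDH-*)   reason="anonymous key exchange" ;;
      *RC4*)           reason="RC4 stream cipher" ;;
      *DES-CBC3*)      reason="3DES (64-bit block)" ;;
      *DES-CBC*)       reason="single DES" ;;
      *-MD5)           reason="MD5 MAC" ;;
      *)               continue ;;
    esac
    printf '%s\t%s\n' "$cipher" "$reason"
  done
)

# Constructed sample of the test script's output (not from a real server).
sample_output() {
  cat <<'EOF'
Obtaining cipher list from OpenSSL (constructed sample).
Testing ECDHE-RSA-AES256-GCM-SHA384...YES
Testing AES128-SHA...YES
Testing DES-CBC3-SHA...YES
Testing RC4-MD5...YES
Testing NULL-SHA256...NO (sslv3 alert handshake failure)
Testing ADH-AES128-SHA...NO (sslv3 alert handshake failure)
Testing AECDH-NULL-SHA...YES
EOF
}

# With a file argument, triage that file; otherwise run on the sample.
if [ "$#" -gt 0 ]; then
  weak_accepted < "$1"
else
  sample_output | weak_accepted
fi
```

Save the test script's output with a redirect such as "./filename.sh FQDN:port > results.txt", then pass results.txt as the argument to this filter.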

Workaround:  
Notes:  
