Talk:Testing for SSL-TLS (OWASP-CM-001)
We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".
Rick.mitchell 10:09, 3 September 2008 (EDT)
Testing with OpenSSL?
Vulnerability scanners are mentioned a number of times, determination as to whether LOW or NULL strength ciphers can be used can be accomplished via OpenSSL, for example:
openssl s_client -connect www.google.com:443 -cipher NULL openssl s_client -connect www.google.com:443 -cipher LOW
Rick.mitchell 12:38, 3 September 2008 (EDT)