cloud engineer
Here’s another command to check what version of SSL and TLS is being used.
nmap --script ssl-enum-ciphers -p 443 server.domain.com |
nmap --script ssl-enum-ciphers -p 443 server.domain.com
Result
PORT STATE SERVICE 443/tcp open https | ssl-enum-ciphers: | TLSv1.2: | ciphers: ... |
PORT STATE SERVICE 443/tcp open https | ssl-enum-ciphers: | TLSv1.2: | ciphers: ...
In this example, only TLSv1.2 is in use. For security purposes, use TLSv1.2 or higher.
Here’s the command to list what app or package requires OpenSSL.
repoquery --whatrequires --installed --recursive openssl |
repoquery --whatrequires --installed --recursive openssl
Result
authconfig-0:6.2.8-30.el7.x86_64 falcon-sensor-0:6.38.0-13501.el7.x86_64 python2-cryptography-0:1.7.2-2.el7.x86_64 realmd-0:0.16.1-12.el7_9.1.x86_64 terraform-0:1.3.6-1.x86_64 |
authconfig-0:6.2.8-30.el7.x86_64 falcon-sensor-0:6.38.0-13501.el7.x86_64 python2-cryptography-0:1.7.2-2.el7.x86_64 realmd-0:0.16.1-12.el7_9.1.x86_64 terraform-0:1.3.6-1.x86_64
Here’s the command to list what SSL and TLS protocols are active.
openssl ciphers -v | awk '{print $2}' | sort | uniq |
openssl ciphers -v | awk '{print $2}' | sort | uniq