General TC > General TC Talk
32 or 64 bit browser tests for https request help please
(1/1)
gordon64:
Hi
I am in the process of looking at submitting updates for openssl with updated certificates
I have the following tests, but need to mention that if you use a web browser that has its OWN certificates, you will likely be mislead.
---that means you can't use FF or Opera.
###########
1) Test that your certificates are in order
download elinks
so far this test appears to be good as elinks does not appear to have its own certificates and therefore I hope are using openssl*'s certificates.
--- Code: ---elinks https://cert-test.sandbox.google.com/
elinks https://gmail.com
--- End code ---
^^^ I use CTRL + c to break the first web page to input second command.
YMMV
expected result is OK first URL, web page for logging into gmail for second URL
2) Next I found thru google a openssl test for http as follows
--- Code: ---openssl s_client -connect www.paypal.com:443
--- End code ---
########################
Question
I am looking for a https type test for openssl but my attempt to replace that paypal URL with a https is currently a fail.
thanks for reading and I am happy to test anything you think might work.
feel free to be critical of my thinking. I am not a security expert so may be misleading myself on my own brain cell capacity
:)
gordon64:
Ok looking at this link
http://www.penguintutor.com/linux/network-services-ports
port 443 is https 443/tcp # http protocol over TLS/SSL
or udp
me thinks no more testing needed?
bmarkus:
--- Quote from: gordon64 on August 23, 2015, 02:33:06 AM ---
I am in the process of looking at submitting updates for openssl with updated certificates
--- End quote ---
What is your issue with openssl, why do you want to update it?
gordon64:
Hi bmarkus
a few reasons
1) It appears that the most up-to-date upsteam is 1.0.2d
2) It is generally a good idea to use the most recent and
3) there appears to be some vulnerabilities as per link
http://openssl.org/news/vulnerabilities.html#y2015
eg 11th June 2015 fixed in 1.0.1i and searching 1.0.1i brings up multiple hits in that link.
cheers
gordon64:
actually I was wrong again.
The above cert tests are fine but I found one new test. This test sees if your brower will accept REVOKED certificates. If so you will see the below image.
a PASS is either a message that Secure Connection has failed (firefox) more info that
Peer's Certificate has been revoked or for opera-12
"The certificate has been revoked by its issuer"
##############################################################
Below is what a FAIL looks like, with page culled to show just the top info.
Here is the link for anyone interested?
https://revoked.grc.com
good luck
Navigation
[0] Message Index
Go to full version