This is a post on HTTPS encryption long time coming. \u00a0I have been patching SSL\/TLS vulnerabilities in various systems, so I thought I should put all my notes in one place.<\/p>\n
HTTPS encryption uses SSL and later TLS to protect your HTTP traffic.<\/p>\n
A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow
\ninformation disclosure if an attacker intercepts encrypted traffic
\nserved from an affected system.<\/p>\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are
\nnot affected.<\/p><\/blockquote>\n\n
- TLS1.0- vulnerable to BEAST attack
\nSee above.<\/li>\n- TLS1.1<\/li>\n
- TLS1.2<\/li>\n<\/ul>\n
cURL is a popular tool to standin as a web browser in scripts. \u00a0manpage<\/a>\u00a0 Here are some scripts to test HTTPS.<\/p>\n
curl -v “https:\/\/www.myorg.org”
\ncurl -v –tlsv1\u00a0“https:\/\/www.myorg.org”
\ncurl -v –tlsv1.2 “https:\/\/www.myorg.org” \u00a0for cURL 7.34 or later.
\ncurl -v –sslv2\u00a0“https:\/\/www.myorg.org”
\ncurl -v –sslv3\u00a0“https:\/\/www.myorg.org”<\/p><\/blockquote>\nList of SSL and TLS error codes from cURL mozilla<\/a><\/p>\n
JavaSE 7 SSL overview link<\/a>\u00a0 These are the clients initiating the requests.<\/p>\n