diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net.html b/security/2020-07_SSL_Server_Test_luxeylab.net.html new file mode 100644 index 0000000..88ea9dc --- /dev/null +++ b/security/2020-07_SSL_Server_Test_luxeylab.net.html @@ -0,0 +1,4317 @@ + + + SSL Server Test: luxeylab.net (Powered by Qualys SSL Labs) + + + + + + + + + + + + + + + + + + + + + +
+ + + + + + +
+
SSL Report: + luxeylab.net + (92.243.8.85)
+
+ Assessed on:  Fri, 17 Jul 2020 14:00:40 UTC + | Hide + | Clear cache +
+ +
Scan Another »
+
+ +
+
+ Due to a recently discovered bug in Apple's code, your browser is exposed to MITM attacks. Click here for more information. +

+
+ + + +
+ +
+
Summary
+
+
+ +
Overall Rating
+ +
+ B +
+ + + + + + + + + +
+ +
+ +
+
+
+
+
+
+
+
+
0
+
20
+
40
+
60
+
80
+
100
+
+
+ +
+
+
Certificate
+
 
+
+ +
+
Protocol Support
+
 
+
+ +
+
Key Exchange
+
 
+
+ +
+
Cipher Strength
+
 
+
+
+ +
+ +
+ +
+ Visit our documentation page + for more information, configuration guides, and books. Known issues are documented + here. +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ This server supports TLS 1.0 and TLS 1.1. + Grade capped to B. MORE INFO » +
+ + + + + + + + +
+ This server supports TLS 1.3. +
+ + + + +
+ HTTP Strict Transport Security (HSTS) with long duration deployed on this server. +  MORE INFO » +
+ + + + + +
+
+ + + + + +
+
Certificate #1: RSA 2048 bits (SHA256withRSA) +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Server Key and Certificate #1
+ +
+ +
Subject + luxeylab.net +
+ Fingerprint SHA256: 3173b385c4db4e0d5ef8ea7cadf3f3a84d099e3dbcb8f507ea194a820855e7aa
+ Pin SHA256: sx2MqZVMZMHAz7CFZCV2Ki38O1PPMUDVWrwUhTgKppY= + +
Common namesluxeylab.net
Alternative namesluxeylab.net www.luxeylab.net
Serial Number043611de408f4c669e3a0228a186b6025229
Valid fromThu, 11 Jun 2020 15:50:01 UTC
Valid untilWed, 09 Sep 2020 15:50:01 UTC (expires in 1 month and 23 days)
KeyRSA 2048 bits + (e 65537)
Weak key (Debian) No
IssuerLet's Encrypt Authority X3
+ AIA: http://cert.int-x3.letsencrypt.org/ +
+ +
Signature algorithmSHA256withRSA
Extended ValidationNo
Certificate TransparencyYes + (certificate)
OCSP Must StapleNo
Revocation information + OCSP
+ OCSP: http://ocsp.int-x3.letsencrypt.org +
+ +
Revocation statusGood (not revoked) + + + + +
DNS CAANo (more info)
TrustedYes +
+ Mozilla  + Apple  + Android  + Java  + Windows  + +
+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Additional Certificates (if supplied)
+ +
+ +
Certificates provided2 (2557 bytes)
Chain issuesNone
#2
SubjectLet's Encrypt Authority X3
+ + Fingerprint SHA256: 25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d
+ Pin SHA256: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=
Valid untilWed, 17 Mar 2021 16:40:46 UTC (expires in 8 months)
KeyRSA 2048 bits + (e 65537)
IssuerDST Root CA X3
Signature algorithm + SHA256withRSA
+ +

+ + + + + + + + +
+ + + + Certification Paths
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Click here to expand

+
+
+ +
+
Configuration
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Protocols
TLS 1.3Yes
TLS 1.2Yes
TLS 1.1Yes
TLS 1.0 Yes +
SSL 3No
SSL 2No
+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Cipher Suites
+ + +
# TLS 1.3 (suites in server-preferred order) +
+
+ TLS_AES_256_GCM_SHA384 (0x1302) + +   ECDH secp384r1 (eq. 7680 bits RSA)   FS + + + 256
+ TLS_CHACHA20_POLY1305_SHA256 (0x1303) + +   ECDH secp384r1 (eq. 7680 bits RSA)   FS + + + 256
+ TLS_AES_128_GCM_SHA256 (0x1301) + +   ECDH secp384r1 (eq. 7680 bits RSA)   FS + + + 128
+ + +
# TLS 1.2 (suites in server-preferred order) +
+
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) + +   ECDH secp384r1 (eq. 7680 bits RSA)   FS + + + 256
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) + +   ECDH secp384r1 (eq. 7680 bits RSA)   FS + + + 128
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) + +   + + DH 2048 bits   FS + + + 256
+ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) + +   + + DH 2048 bits   FS + + + 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) +   ECDH secp384r1 (eq. 7680 bits RSA)   FS +   WEAK + 256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) +   ECDH secp384r1 (eq. 7680 bits RSA)   FS +   WEAK + 256
+ TLS_DHE_RSA_WITH_AES_256_CCM_8 (0xc0a3) + +   + + DH 2048 bits   FS + + + 256
+ TLS_DHE_RSA_WITH_AES_256_CCM (0xc09f) + +   + + DH 2048 bits   FS + + + 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) +   + + DH 2048 bits   FS +   WEAK + 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) +   + + DH 2048 bits   FS +   WEAK + 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) +   ECDH secp384r1 (eq. 7680 bits RSA)   FS +   WEAK + 128
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) +   ECDH secp384r1 (eq. 7680 bits RSA)   FS +   WEAK + 128
+ TLS_DHE_RSA_WITH_AES_128_CCM_8 (0xc0a2) + +   + + DH 2048 bits   FS + + + 128
+ TLS_DHE_RSA_WITH_AES_128_CCM (0xc09e) + +   + + DH 2048 bits   FS + + + 128
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) +   + + DH 2048 bits   FS +   WEAK + 128
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) +   + + DH 2048 bits   FS +   WEAK + 128
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) +   WEAK + 256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) +   WEAK + 128
TLS_RSA_WITH_AES_256_CCM_8 (0xc0a1) +   WEAK + 256
TLS_RSA_WITH_AES_256_CCM (0xc09d) +   WEAK + 256
TLS_RSA_WITH_AES_128_CCM_8 (0xc0a0) +   WEAK + 128
TLS_RSA_WITH_AES_128_CCM (0xc09c) +   WEAK + 128
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) +   WEAK + 256
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) +   WEAK + 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) +   WEAK + 256
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) +   WEAK + 128
+ + +
# TLS 1.1 (suites in server-preferred order) +
+
+ + +
# TLS 1.0 (suites in server-preferred order) +
+
+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Handshake Simulation
+ Android 2.3.7 +   No SNI 2 + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + + +   + DH 2048 + + + +  FS + + +
+ Android 4.0.4 + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 4.1.1 + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 4.2.2 + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 4.3 + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 4.4.2 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 5.0.0 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 6.0 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 7.0 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 8.0 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 8.1 + + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Android 9.0 + + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Baidu Jan 2015 + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ BingPreview Jan 2015 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Chrome 49 / XP SP3 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Chrome 69 / Win 7 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Chrome 70 / Win 10 + + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Chrome 80 / Win 10 +  R + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Firefox 31.3.0 ESR / Win 7 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Firefox 47 / Win 7 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Firefox 49 / XP SP3 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Firefox 62 / Win 7 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Firefox 73 / Win 10 +  R + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Googlebot Feb 2018 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ IE 7 / Vista + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ IE 8 / XP +   No FS 1   No SNI 2 + Server sent fatal alert: handshake_failure
+ + + +
+ IE 8-10 / Win 7 +  R + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ IE 11 / Win 7 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + + +   + DH 2048 + + + +  FS + + +
+ IE 11 / Win 8.1 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + + +   + DH 2048 + + + +  FS + + +
+ IE 10 / Win Phone 8.0 + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ IE 11 / Win Phone 8.1 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ IE 11 / Win Phone 8.1 Update +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + + +   + DH 2048 + + + +  FS + + +
+ IE 11 / Win 10 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Edge 15 / Win 10 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Edge 16 / Win 10 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Edge 18 / Win 10 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Edge 13 / Win Phone 10 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Java 6u45 +   No SNI 2 + Client does not support DH parameters > 1024 bits
+ + RSA 2048 (SHA256) +   |  + + TLS 1.0 + +  |  + + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + +  |  DH 2048 + + +
+ Java 7u25 + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ Java 8u161 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Java 11.0.3 + + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Java 12.0.1 + + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ OpenSSL 0.9.8y + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + + +   + DH 2048 + + + +  FS + + +
+ OpenSSL 1.0.1l +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ OpenSSL 1.0.2s +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ OpenSSL 1.1.0k +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ OpenSSL 1.1.1c +  R + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 5.1.9 / OS X 10.6.8 + + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 6 / iOS 6.0.1 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 6.0.4 / OS X 10.8.4 +  R + RSA 2048 (SHA256) +   + + TLS 1.0 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 7 / iOS 7.1 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 7 / OS X 10.9 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 8 / iOS 8.4 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 8 / OS X 10.10 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 9 / iOS 9 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 9 / OS X 10.11 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 10 / iOS 10 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 10 / OS X 10.12 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 12.1.2 / MacOS 10.14.6 Beta +  R + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Safari 12.1.1 / iOS 12.3.1 +  R + - +   + + TLS 1.3 + + + + TLS_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Apple ATS 9 / iOS 9 +  R + RSA 2048 (SHA256) +   + + TLS 1.2 + + > http/1.1 +   + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ Yahoo Slurp Jan 2015 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ YandexBot Jan 2015 + + RSA 2048 (SHA256) +   + + TLS 1.2 + + + + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + + +   + ECDH secp384r1 + + +  FS + + +
+ + +
# Not simulated clients (Protocol mismatch)
+
+ IE 6 / XP +   No FS 1   No SNI 2 + Protocol mismatch (not simulated)
+ + + +
+ +
+ (1) Clients that do not support Forward Secrecy (FS) are excluded when determining support for it. +
+ (2) No support for virtual SSL hosting (SNI). Connects to the default site if the server uses SNI. +
+ (3) Only first connection attempt simulated. Browsers sometimes retry with a lower protocol version. +
+ (R) Denotes a reference browser or client, with which we expect better effective security. +
+ (All) We use defaults, but some platforms do not use their best protocols and features (e.g., Java 6 & 7, older IE). +
+ (All) Certificate trust is not checked in handshake simulation, we only perform TLS handshake. +
+

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Protocol Details
DROWNNo, server keys and hostname not seen elsewhere with SSLv2
+
+ (1) For a better understanding of this test, please read this longer explanation
+ (2) Key usage data kindly provided by the Censys network search engine; original DROWN website here
+ (3) Censys data is only indicative of +possible key and certificate reuse; possibly out-of-date and not +complete
+
+ + +
Secure RenegotiationSupported
Secure Client-Initiated RenegotiationNo
Insecure Client-Initiated RenegotiationNo
BEAST attack + Not mitigated server-side (more info) +   TLS 1.0: 0xc014 +
POODLE (SSLv3) + No, SSL 3 not supported (more info) +
POODLE (TLS) + No + (more info) +
Zombie POODLENo (more info) +   TLS 1.2 : 0xc014
GOLDENDOODLENo (more info) +   TLS 1.2 : 0xc014
OpenSSL 0-LengthNo (more info) +   TLS 1.2 : 0xc014
Sleeping POODLENo (more info) +   TLS 1.2 : 0xc014
Downgrade attack prevention + Yes, TLS_FALLBACK_SCSV supported (more info) +
SSL/TLS compressionNo
RC4No
Heartbeat (extension)No
Heartbleed (vulnerability)No (more info)
Ticketbleed (vulnerability)No (more info)
OpenSSL CCS vuln. (CVE-2014-0224)No (more info)
OpenSSL Padding Oracle vuln.
(CVE-2016-2107)		No (more info)
ROBOT (vulnerability)No (more info)
Forward SecrecyYes (with most browsers) +   ROBUST (more info)
ALPNYes   + http/1.1 +
NPNYes   + http/1.1 +
Session resumption (caching)Yes
Session resumption (tickets)No
OCSP staplingYes + +
Strict Transport Security (HSTS)Yes
max-age=63072000; includeSubDomains; +
HSTS Preloading + + + + + Not in: + Chrome  + Edge  + Firefox  + IE  + + +
Public Key Pinning (HPKP)No (more info)
Public Key Pinning Report-OnlyNo
Public Key Pinning (Static)No (more info)
Long handshake intoleranceNo
TLS extension intoleranceNo
TLS version intolerance + + + + + + No
Incorrect SNI alertsNo
Uses common DH primesNo
DH public server param (Ys) reuseNo
ECDH public server param reuseNo
Supported Named Groups + secp384r1
SSL 2 handshake compatibility Yes
0-RTT enabled No
+ +

+ + + + + + + + + + + +
+ + + HTTP Requests +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+ 1 https://luxeylab.net/ +  (HTTP/1.1 200 OK) +
+
+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Miscellaneous
Test dateFri, 17 Jul 2020 13:58:02 UTC
Test duration157.610 seconds
HTTP status code + 200 +
HTTP server signaturenginx
Server hostname xvm-8-85.dc0.ghst.net
+ +

+ +
+
+ + + +
+ + +

SSL Report v2.1.5

+ +
+ + + + + +
+ +
+ +
+ + + \ No newline at end of file diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/analyze_report.css b/security/2020-07_SSL_Server_Test_luxeylab.net_files/analyze_report.css new file mode 100644 index 0000000..7d99ef6 --- /dev/null +++ b/security/2020-07_SSL_Server_Test_luxeylab.net_files/analyze_report.css @@ -0,0 +1,788 @@ + +.highlight { + color: green; +} + +.warning { + color: #F88017; +} + +.error { + color: red; +} + +.moreInfo { + font-size: 11px; + font-weight: bold; +} + +#certificateMismatch li { + font-size: 20px; + line-height: 30px; + font-weight: bold; +} + +#warningBeta { + margin: 20px; + margin-bottom: 0px; + text-align: center; + padding: 5px; + font-size: 12px; + font-weight: bold; + xborder: 1px solid #bbbbbb; + background: #009ddf; + color: #ffffff; +} + +#warningBox { + margin-bottom: 0px; + text-align: center; + padding: 15px; + font-size: 18px; + border: 1px solid #bbbbbb; + background: #fffacd; +} + +.testDate { + font-size: 12px; + line-height: 24px; +} + +.grayText { + font-size: 12px; + line-height: 24px; + color : #666666; +} + +.dhParams { + font-size: 10px; + color : #666666; +} + +.dhParamsNoColour { + font-size: 10px; +} + +.grayCode { + font: 12px/20px monospace; + color : #666666; +} + +.reportTitle { + margin: 0px; + margin-bottom: 5px; + font: 26px/28px Arial, Helvetica, sans-serif; + color: #666666; + font-weight: bold; +} + +.reportTime { + margin-bottom: 20px; + color : #666666; +} + +.reportInfo { + font-size: 10px; + color: #666666; +} + +.url { + font-weight: bold; + color: #444444; +} + +.ip { + font-size: 18px; + color: #666666; +} + +.box { + border: 3px solid #a6c2c4; + background: #fdfdfd; + text-align: left; +} + + .boxHead { + color: #009ddf; + font-weight: bold; + padding-bottom: 5px; + vertical-align: middle; + border-bottom: 2px solid #c6d2d4; + font-size: 14px; + } + + .boxContent { + padding: 15px; + font-size: 12px; + } + + .box p { + margin: 6px 0px; + } + + a:link { + color: #005ccf; + } + + .box a { + color: #005ccf; + } + + .box a:hover { + text-decoration: underline; + } + + .box .rating { + float: right; + font-weight: bold; + width: 15px; + text-align: left; + padding-right: 10px; + } + +.submitBox { + padding: 15px; + background: #dbe7f7; + text-align: center; + vertical-align: middle; + margin-bottom: 20px; + font-size: 16px; + font-weight: bold; + color: #009ddf; +} + +.submitBox input { + font-size: 16px; + padding: 4px; +} + +.submitError { + text-align: center; + font-size: 12px; + line-height: 14px; + font-weight: bold; + color: #cc0000; + margin-top: 10px; +} + +.reportSection { + width: 980px; + border: 4px solid #a6c2c4; + background: #fdfdfd; + /*margin-top: 20px;*/ + margin-bottom: 20px; + text-align: center; +} + +.bannerSection { + width: 840px; + border: 1px solid #c0c0c0; + background: #fdfdfd; + margin-top: 20px; + margin-bottom: 20px; + text-align: center; + padding: 3px; +} + +.sectionTitle { + text-align: left; + font: 23px/28px Arial, Helvetica, sans-serif; + font-weight: bold; + color: #888888; + padding: 16px; + background: #f7f7f7; + border-bottom: 1px solid #c6d2d4; +} + +.sectionInfo { + font-size: 15px; +} + +.sectionBody { + margin: 20px 15px; +} + +#chart { + margin-top: 20px; + margin-right: 70px; + float: right; + width: 450px; + height: 200px; +} + + .chartScale { + position: absolute; + margin-left: 110px; + width: 360px; + height: 162px; + z-index: 100; + } + + .chartBody { + position: relative; + width: 450px; + z-index: 200; + } + + .chartScaleDiv { + width: 1px; + margin-right: 59px; + height: 162px; + float: left; + background: #bbbbbb; + } + + .chartScaleLabelRow { + position: absolute; + top: 160px; + left: -29px; + } + + .chartScaleLabel { + width: 60px; + float: left; + text-align: left; + color: #999999; + text-align: center; + } + + .chartRow { + height: 28px; + clear: both; + margin-top: 10px; + margin-bottom: 10px; + } + + .chartValue { + float: right; + display: block; + line-height: 28px; + font-weight: bold; + margin-left: 15px; + } + + .chartLabel { + font-size: 11px; + float: left; + display: block; + margin-right: 10px; + line-height: 28px; + width: 100px; + text-align: right; + font-weight: bold; + } + + .chartBar_g{ + float: left; + text-align: right; + height: 28px; + background: url('../images/chart-green.gif') repeat-x; + } + + .chartBar_a { + float: left; + text-align: right; + height: 28px; + background: url('../images/chart-amber.gif') repeat-x; + } + + .chartBar_r { + float: left; + text-align: right; + height: 28px; + background: url('../images/chart-red.gif') repeat-x; + } + +#rating { + text-align: center; + padding: 0px 0px; + margin-bottom: 0px; + float: left; + width: 400px; +} + + .twoRatingMargin { + margin-left: 20px !important; + } + + .ratingTitle { + font-size: 11px; + font-weight: bold; + font-size: 14px; + color: #999999; + } + + .rating_g { + font-family: Arial, Helvetica, sans-serif; + text-align: center; + margin: 15px auto; + width: 128px; + height: 128px; + font-size: 100px; + line-height: 128px; + font-weight: bold; + color: #ffffff; + background: url('../images/rating-green.gif') no-repeat; + } + + .rating_a { + font-family: Arial, Helvetica, sans-serif; + text-align: center; + margin: 15px auto; + width: 128px; + height: 128px; + font-size: 100px; + line-height: 128px; + font-weight: bold; + color: #ffffff; + background: url('../images/rating-amber.gif') no-repeat; + } + + .rating_r { + font-family: Arial, Helvetica, sans-serif; + text-align: center; + margin: 15px auto; + width: 128px; + height: 128px; + font-size: 100px; + line-height: 128px; + font-weight: bold; + color: #ffffff; + background: url('../images/rating-red.gif') no-repeat; + } + + .rating_r_icon { + font-family: Arial, Helvetica, sans-serif; + text-align: center; + display:inline; + font-size: 12px; + font-weight: bold; + color: #ffffff; + background: url('../images/rating-red.gif') no-repeat; + background-size: 100% 100%; + } + + .belowGrade { + line-height: 16px; + font-weight: normal; + font-size: 11px; + color: grey; + } + + .percentage_g { + font-weight: bold; + font-size: 28px; + color: #7ed84d; + } + + .percentage_a { + font-weight: bold; + font-size: 28px; + color: #ffa100; + } + + .percentage_r { + font-weight: bold; + font-size: 28px; + color: #ff553e; + } + + +table.reportTable { + width: 850px; + margin: 0px; + padding: 0px; + margin-top: 0px; + font-size: 12px; + line-height: 20px; + margin-right: 10px; +} + + .tableHead { + color: #009ddf; + font-weight: bold; + padding-bottom: 5px; + vertical-align: middle; + border-bottom: 2px solid #c6d2d4; + font-size: 13px; + } + + .tableSubHead { + color: #009ddf; + font-weight: bold; + padding-bottom: 5px; + vertical-align: middle; + padding-top: 15px; + border-bottom: 1px solid #c6d2d4; + font-size: 12px; + } + + .tableLeft { + text-align: left; + padding: 3px 0px; + border-bottom: 1px solid #f0f0f0; + vertical-align: middle; + } + + .tableRight { + width: 50px; + text-align: right; + padding: 3px 0px; + border-bottom: 1px solid #f0f0f0; + vertical-align: middle; + } + + .tableLabel { + text-align: left; + padding: 3px 0px; + padding-right: 10px; + color: #444444; + border-bottom: 1px solid #f0f0f0; + vertical-align: middle; + font-size: 12px; + font-weight: bold; + width: 250px; + } + + .tableLabelTop { + text-align: left; + padding: 3px 0px; + padding-right: 10px; + color: #444444; + border-bottom: 1px solid #f0f0f0; + vertical-align: top; + font-size: 12px; + font-weight: bold; + width: 180; + } + + .tableLabelRight { + text-align: right; + padding: 3px 0px; + padding-right: 15px; + color: #444444; + border-bottom: 1px solid #f0f0f0; + vertical-align: middle; + font-size: 12px; + font-weight: bold; + } + + .tableCell { + text-align: left; + padding: 3px 0px; + border-bottom: 1px solid #f0f0f0; + vertical-align: middle; + font-size: 12px; + word-wrap: break-word; + word-break: break-all; + word-break: break-word; + -webkit-hyphens: auto; + -moz-hyphens: auto; + hyphens: auto; + } + + .tableIcon { + text-align: right; + padding: 0px; + padding-left: 15px; + vertical-align: top; + width: 20px; + } + + .tableIcon img { + vertical-align: middle; + margin-top: 2px; + } + +.fleft { + float: left; +} + +.fright { + float: right; +} + +.black { + color: #000000; +} + +.g { + color: #4ec83d; +} + +.a { + color: #ffa100; +} + +.r { + color: #ef251e; +} + +.b { + color: #009ddf; +} + +#urlInput { + width: 500px; + font-size: 24px; + margin-bottom: 20px; + padding: 4px; +} + +#urlSubmit { + font-size: 24px; +} + +.intro { + font-size: 11px; + line-height: 16px; + width: 400px; + text-align: center; + margin: 0px auto; + margin-top: 20px; +} + +.tIcon { + float: left; + margin-right: 10px; +} + +.note { + position: absolute; + left: 0px; + top: 0px; + width: 300px; + border: 2px solid #ffffff; + z-index: 1000; +} + +.noteBack { + border: 2px solid #c6d2d4; + background: #dddfe0; +} + +.noteHead { + color: #ffffff; + padding: 2px 6px; + font-weight: bold; +} + +.noteHead.green { + background: url('../images/chart-green.gif') repeat-x; +} + +.noteHead.amber { + background: url('../images/chart-amber.gif') repeat-x; +} + +.noteHead.red { + background: url('../images/chart-red.gif') repeat-x; +} + + +.noteBody { + font-size: 11px; + padding: 8px 10px; + text-align: left; +} + +#multiTable { + border: 3px solid #a6c2c4; + width: 1040px; +} + +#multiTable th { + padding: 14px; + background: #CFECEC; + border: 1px solid #a6c2c4; + font-size: 18px; +} + +#multiTable td { + border: 1px solid #CFECEC; +} + +.greySmall { + color : #666666 !important; + font-size: 10px; +} + +.greenSmall { + color : green; + font-size: 10px; +} + +.orangeSmall { + color : #F88017; + font-size: 10px; +} + +.redSmall { + color : red; + font-size: 10px; +} + +img { + border: none; +} + +table { + border-collapse: collapse; +} + +div.icon-download +{ + width: 12px; + height: 12px; + background: url('../images/download.png'); + background-repeat: no-repeat; + background-size: 12px 12px; +} + +.reportSubHeading { + float: left; + width: 825px; +} +.hideIcon { + text-align: center; + display: block; + width: 14px; + height: 14px; + cursor: pointer; + float: right; +} + +.hideIcon.indent { + margin-top: 8px; +} + +.showIcon { + text-align: center; + display: block; + width: 14px; + height: 14px; + cursor: pointer; + float: right; + display: none; +} + +.showIcon.indent { + margin-top: 8px; +} + +.expand { + text-align: center; +/* font-weight: bold;*/ + color: #009ddf; + padding: 15px; + cursor: pointer; +} + +.expand span { + border: 1px solid #ddd; + padding: 5px 12px; +} + +.normal { + font-weight: normal; +} + +.count { + text-align: center; + font-weight: bold; + border: 1px solid #009ddf; + color: #009ddf; + padding: 1px 4px 0px 4px; + border-radius: 2px; + margin-right: 5px; + //cursor: pointer; +} + +.tableCellCenter2 { + width: 75px; + text-align: center; + padding-left: 10px; + padding-right: 10px; + font-size: 11px; +} + +.reportTable.indent { + margin-left: 75px; +} + + +.simCertLink:link { + color: black; + text-decoration: none; +} + +.simCertLink:visited { + color: black; + text-decoration: none; +} + +.simCertLink:hover { + color: black; + text-decoration: none; +} + +.ratingOne { + float: left; + margin-left: 35px; +} + +.ratingMiddle { + float: left; + margin-top: 24px; + width: 106px; +} + +.middleImg { + width: 26px; + height: 26px; +} +.ratingSecond { + float: left; + background-size: 64px 64px; + font-size: 32px; + background-position: center; + margin: 0px auto; + height: 64px; + width: 64px; + line-height: 64px; + margin-top: 8px; +} + +.ratingTitleOne { + width: 200px; +} + +.ratingTitleTwo { + float: left; + margin-top: 50px; + width: 200px; + margin-left: 36px; + font-size: 12px; +} + +.belowGradeOne { + text-align: center; + float: left; + clear: both; + width: 200px; +} + +.belowGradeSecond { + text-align: center; + float: left; + width: 200px; + margin-left: 200px; + font-size: 10px; +} + +.belowGradeSecondTwo { + text-align: center; + float: left; + width: 200px; + font-size: 10px; +} \ No newline at end of file diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/analyze_singleView.js b/security/2020-07_SSL_Server_Test_luxeylab.net_files/analyze_singleView.js new file mode 100644 index 0000000..3c86cc1 --- /dev/null +++ b/security/2020-07_SSL_Server_Test_luxeylab.net_files/analyze_singleView.js @@ -0,0 +1,204 @@ +// Function to hide the contents +function hide(c) { + + var hideEl = document.getElementById("hide"+c); + var showEl = document.getElementById("show"+c); + var expandEl = document.getElementById("expand"+c); + + if(!hideEl || !showEl) { + return; + } + + hideEl.style.display = "none"; + showEl.style.display = "block"; + + var el = document.getElementsByClassName(c+"Block"); + for (var i = 0; i < el.length; i++){ + el[i].style.display = "none"; + } + + if (c != "" && c != "http" && expandEl) { + expandEl.style.display = "block"; + } +} + +// Function to show the content +function show(c) { + + var hideEl = document.getElementById("hide"+c); + var showEl = document.getElementById("show"+c); + var expandEl = document.getElementById("expand"+c); + + if(!hideEl || !showEl) { + return; + } + + hideEl.style.display = "block"; + showEl.style.display = "none"; + + var el = document.getElementsByClassName(c+"Block"); + for (var i = 0; i < el.length; i++){ + el[i].style.display = ""; + } + + if (c != "" && c != "http" && expandEl) { + expandEl.style.display = "none"; + } +} + +// Binds show/hide buttons +var chainCount = document.getElementById("chainCount").value; +for (var i = 1; i <= chainCount; i++) { + + // Binds Certification Paths buttons + var hideCert = document.getElementById('hidecert'+i); + var showCert = document.getElementById('showcert'+i); + var expandCert = document.getElementById('expandcert'+i); + if(hideCert && showCert && expandCert ) { + hideCert.onclick = function() { + hide(this.getAttribute("cert")); + } + + showCert.onclick = function() { + show(this.getAttribute("cert")); + } + + expandCert.onclick = function() { + show(this.getAttribute("cert")); + } + } + + // Bind buttons to Server Certifcate section + var hideChain = document.getElementById('hidechain'+i); + var showChain = document.getElementById('showchain'+i); + var expandChain = document.getElementById('expandchain'+i); + + if (document.getElementById('hidechain'+i) && document.getElementById('showchain'+i) && document.getElementById('expandchain'+i)) { + document.getElementById('hidechain'+i).onclick = function() { + hide(this.getAttribute("cert")); + } + + document.getElementById('showchain'+i).onclick = function() { + show(this.getAttribute("cert")); + } + + document.getElementById('expandchain'+i).onclick = function() { + show(this.getAttribute("cert")); + } + } + + // Hide on initial load + hide('cert'+i); + hide('chain'+i); +} + +//Bind buttons to cipher suites block section +var protocolCount = document.getElementById("protocolCount"); +var identicalSuites = document.getElementById("identicalSuites"); +var noSniSuites = document.getElementById("noSniSuites"); +if (protocolCount && identicalSuites && noSniSuites) { + protocolCount = protocolCount.value; + identicalSuites = identicalSuites.value; + noSniSuites = noSniSuites.value; + for (var i = 0; i <= protocolCount; i++) { + + var hideCipher = document.getElementById('hidecipher'+i); + var showCipher = document.getElementById('showcipher'+i); + + if(hideCipher && showCipher) { + hideCipher.onclick = function() { + hide(this.getAttribute("cipher")); + } + + showCipher.onclick = function() { + show(this.getAttribute("cipher")); + } + } + + // Hide suites if suites exists observed in highest supported protocol suites + // And always hide no sni suites + if (protocolCount > 1 && i > 1 && identicalSuites === "true") { + hide('cipher'+i); + } else if (noSniSuites == "true" && i == protocolCount) { + hide('cipher'+i); + } + } +} + +// Bind onclick to Http block buttons +var hidehttp = document.getElementById('hidehttp'); +var showhttp = document.getElementById('showhttp'); +if (hidehttp && showhttp) { + hidehttp.onclick = function() { + hide("http"); + } + + showhttp.onclick = function() { + show("http"); + } +} + +// Hide http section on initial load +hide('http'); + +// Bind onclick to simulations section +var hidesimulations = document.getElementById('hidesimulations'); +var showsimulations = document.getElementById('showsimulations'); +var expandsimulations = document.getElementById('expandsimulations'); +if (hidesimulations && showsimulations && expandsimulations) { + hidesimulations.onclick = function() { + hide("simulations"); + } + showsimulations.onclick = function() { + show("simulations"); + } + expandsimulations.onclick = function() { + show("simulations"); + } +} + +// Hide not simulated simulations section on initial load +hide('simulations'); +var notsimulatedcount = document.getElementById('notSimulatedCount'); +if (notsimulatedcount && notsimulatedcount.value < 3) { + // show not simulated clients if count < 3 + show('simulations'); +} + +//Multiple Trust store +function openTrustPath(evt, trustPath) { + // Declare all variables + var i, tabcontent, tablinks; + var selectedChain = trustPath[trustPath.length - 1]; + trustPath = trustPath + 'content'; + // Get all elements with class="tabcontent+respective chain number" and hide them + tabcontent = document.getElementsByClassName("tabcontent"+selectedChain+" fadeEffect"); + for (i = 0; i < tabcontent.length; i++) { + tabcontent[i].style.display = "none"; + } + + // Get all elements with class="tablinks+respective chain number" and remove the class "active" + tablinks = document.getElementsByClassName("tablinks"+selectedChain); + for (i = 0; i < tablinks.length; i++) { + tablinks[i].className = tablinks[i].className.replace(" active", ""); + } + + // Show the current tab, and add an "active" class to the button that opened the tab + document.getElementById(trustPath).style.display = "block"; + evt.currentTarget.className += " active"; +} + +// Bind Multiple TrustStores button +for (var i = 1; i <= chainCount; i++) { + var tablinks = document.getElementsByClassName("tablinks"+i); + for (var j = 0; j < tablinks.length; j++) { + tablinks[j].onclick = function(event) { + openTrustPath(event, this.id); + } + } +} + +// Show/Select Mozilla Store for all by default +for (var i = 1; i <= chainCount; i++) { + document.getElementById("Mozilla"+i).click(); +} \ No newline at end of file diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/analyze_ssllabs.css b/security/2020-07_SSL_Server_Test_luxeylab.net_files/analyze_ssllabs.css new file mode 100644 index 0000000..0ca7ead --- /dev/null +++ b/security/2020-07_SSL_Server_Test_luxeylab.net_files/analyze_ssllabs.css @@ -0,0 +1,264 @@ + +body { + font: normal 12px Arial, Helvetica, sans-serif; + line-height: 180%; + color: #222222; + margin: 0px 0px; + background: #f0f0f0; + text-align: center; +} + +.footnote { + color:gray; + font-size: 11px; +} + +#pageEnd { + width: 1100px; + background: #ffffff; + margin: auto; + text-align: left; + padding-bottom: 10px; + border-left: 1px solid #BCD4DD; + border-right: 1px solid #BCD4DD; + border-bottom: 1px solid #BCD4DD; +} + +#copyright { + width: 1100px; + padding: 10px; + padding-left: 20px; + padding-bottom: 0px; +} + +#breadcrumbs { + margin-top: 6px; + margin-left: 30px; +} + +#page { + width: 1100px; + background: #ffffff; + margin: auto; + text-align: left; + padding-bottom: 10px; + border-left: 1px solid #BCD4DD; + border-right: 1px solid #BCD4DD; + border-bottom: 1px solid #BCD4DD; +} + +#main { + padding: 30px; + padding-top: 10px; +} + +.newsTitle { + font-size: 13px; + font-weight: bold; + color: #444444; + margin: 0px; +} + +.projectTitle { + color: #444444; + font-family: Arial, Helvetica, sans-serif; + font-weight: bold; + font-size: 13px; + line-height: 20px; +} + +.projectTitle2 { + font-size: 16px; + color: #444444; + font-family: Arial, Helvetica, sans-serif; + font-weight: bold; + padding-top: 25px; + padding-bottom: 0px; + line-height: 0px; +} + +p { + font-size: 13px; + line-height: 20px; +} + +li { + font-size: 13px; + line-height: 20px; +} + +.newsDate { + padding: 0px; + margin: 0px; + color: gray; +} + +a { + color: #005ccf; +} + +h1 { + color: #444444; + font-weight: bold; + padding-bottom: 5px; + font: 27px/28px Arial, Helvetica, sans-serif; + font-weight: bold; + letter-spacing: -0.04em; +} + +h2 { + font-size: 16px; + color: #444444; + font-family: Arial, Helvetica, sans-serif; + font-weight: bold; + padding-top: 10px; +} + +h3 { + color: #58585a; + font-size: 110%; + font-weight: bold; + margin-top: 0px; + margin-bottom: 0px; +} + + +#header { + width: 1100px; + padding-top: 8px; + padding-bottom: 8px; + border-top: 18px solid #de1d0b; + border-bottom: 1px solid #BCD4DD; +} + +#mini-header { + width: 1100px; + padding-top: 8px; + padding-bottom: 8px; + border-top: 18px solid #de1d0b; + border-bottom: 1px solid #BCD4DD; + margin-bottom: 20px; +} + +#dev-header { + padding: 10px 20px; + font-weight: bold; + background-color: #fffacd; +} + +#logo { + float: left; + margin: 0px; + padding: 4px; + margin-left: 14px; + padding-top: 6px; + padding-bottom: 6px; +} + +#logo-powered-by { + float: right; + padding: 10px; + padding-right: 30px; +} + +#logo-co-branded { + float: left; + margin: 0px; + padding: 10px; + padding-left: 30px; +} + +#navigation { + float: right; + margin-top: 10px; + margin-right: 10px; + font-family: Arial, Helvetica, sans-sefif; + font-size: 15px; + font-weight: bold; +} + + #navigation .link { + color: #444444; + text-decoration: none; + padding-right: 25px; + } + + #navigation .link:hover { + text-decoration: underline; + } + +#threeColumns { + margin: 20px; + margin-top: 0px; + padding-top: 20px; +} + +#pageHeader { + padding: 30px 30px 0px 30px; + clear: both; +} + +a.newsLink { + display: block; + font-family: Arial, Helvetica, sans-serif; + margin-top: 0px; + margin-bottom: 5px; + color: #58585a; +} + +a.newsLink:hover { + color: #a70b16; + text-decoration: underline; +} + +/* Style the tab */ +div.tab { + overflow: hidden; + margin-top: 5px; +} + +/* Style the buttons inside the tab */ +div.tab button { + background-color: #f0f0f0; + float: left; + border: none; + outline: none; + cursor: pointer; + padding: 10px 10px; +} + +/* Change background color of buttons on hover */ +div.tab button:hover { + opacity: 0.5; + background-color: #40a0cf; + color: #fff; +} + +/* Create an active/current tablink class */ +div.tab button.active { + background-color: #40a0cf; + color: #fff; +} + +.fadeEffect { + -webkit-animation: fadeEffect 0.8s; + animation: fadeEffect 0.8s; /* Fading effect takes 1 second */ +} + +@-webkit-keyframes fadeEffect { + from {opacity: 0;} + to {opacity: 1;} +} + +@keyframes fadeEffect { + from {opacity: 0;} + to {opacity: 1;} +} + +.tab:first-child { + border-radius: 4px 0 0 4px; +} + +.tab > button:last-child { + border-radius: 0 4px 4px 0; +} diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/collapse.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/collapse.png new file mode 100644 index 0000000..9776828 Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/collapse.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/expand.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/expand.png new file mode 100644 index 0000000..b7031bc Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/expand.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-certificate.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-certificate.png new file mode 100644 index 0000000..ea294d5 Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-certificate.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-certificates.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-certificates.png new file mode 100644 index 0000000..f527997 Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-certificates.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-chain.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-chain.png new file mode 100644 index 0000000..da180fd Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-chain.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-cipher.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-cipher.png new file mode 100644 index 0000000..6fef8b8 Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-cipher.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-handshake.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-handshake.png new file mode 100644 index 0000000..97ed6ce Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-handshake.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-http.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-http.png new file mode 100644 index 0000000..64e70c3 Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-http.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-misc.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-misc.png new file mode 100644 index 0000000..e018950 Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-misc.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-protocol-details.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-protocol-details.png new file mode 100644 index 0000000..7b3a306 Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-protocol-details.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-protocol.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-protocol.png new file mode 100644 index 0000000..b1fade5 Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/icon-protocol.png differ diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/main.css b/security/2020-07_SSL_Server_Test_luxeylab.net_files/main.css new file mode 100644 index 0000000..9266db2 --- /dev/null +++ b/security/2020-07_SSL_Server_Test_luxeylab.net_files/main.css @@ -0,0 +1,745 @@ +.mainPhoto { + width: 1100px; + height: 320px; + background: #2d63a5 url(../images/main-background.jpg); + margin: 0 auto; + padding: 50px; + -moz-box-sizing: border-box; + box-sizing: border-box; + position: relative; +} + +.mainPhoto > h2 { + font-size: 380%; + line-height: 100%; + letter-spacing: -1px; + font-weight: bold; + color: #fff; + max-width: 400px; + margin: 0; + text-shadow: 2px 2px 0 #000000; +} + +.mainPhoto > h3 { + font-size: 200%; + line-height: 130%; + font-weight: normal; + color: #fff; + max-width: 450px; + margin: 0; + margin-top: 20px; + text-shadow: 2px 2px 0 #000000; +} + +.featured { + width: 360px; + right: 20px; + top: 18px; + position: absolute; + margin-right: 20px; +} + +a.featuredLink { + display: block; + margin: 2px; + background: url(../images/black40.png); + font-size: 170%; + line-height: 100%; + font-weight: normal; + width: 350px; + height: 69px; + -moz-box-sizing: border-box; + box-sizing: border-box; + padding: 15px; + padding-left: 25px; + text-decoration: none; + color: #fff; + text-shadow: 2px 2px 0 #000000; +} + +a.featuredLink:hover { + background: url(../images/black50.png); +} + +a.featuredLink img { + float: left; + display: block; + margin-right: 20px; +} + +a.featuredLink > .d { + font-size: 60%; + font-weight: normal; + display: block; + margin-top: 0px; +} + + +.bookImage { + border: 1px solid #bbbbbb; + margin-right:10px; + margin-top: 5px; +} + +.spanFont { + font-weight: bold; + font-size: 11px; +} + +.footer { + font-size: 12px; +} + +/*ssltest/viewClient.vm*/ +.floatLeft { + float: left; +} + +/*ssltest/viewClient.vm*/ + +.floatRight { + float:right; + font-weight: bold; + font-size: 20px; +} + +.clientsJsonLink { + float:left; + margin-left: 10px; + margin-top: 25px; + text-decoration: underline; +} + + +#multiTable th { + cursor: pointer; + cursor: hand; +} + +.greyColor { + color:grey; + font-size: 12px; +} + +.partnerLogo { + float: right; + padding-right: 30px; + padding-top: 10px; +} + +#serverTestPara { + font-size: 16px; + line-height: 24px; +} + +#serverTestHideResults { + font-size: 12px; + color: black; + font-weight: normal; + text-align: left; +} + +.boxStyle{ + float:left; + width:327px; + margin-right:20px; + height:340px; +} + +.boxStyleRight{ + float:left; + width:327px; + height:340px; +} + +#appleTestDiv { + display: none; +} + +#statusDetailMsg { + font-size: 14px; + color: #666666; + padding-top: 5px; +} + +.certMismatch { + font-size: 0.7em; +} + +.invalidHost { + font-weight: normal; + font-size: 0.7em; +} + +#knownIssues { + font-size: 1.2em; +} + +#commonError { + font-size: 1.2em; +} + +#gradeA { + margin-bottom: 8px; +} + +.Aplus{ + font-size: 0.75em; +} + +.Aminus{ + font-size: 0.80em; +} + +.zeroMargin { + margin:0px; +} + +.serverKeyCert { + float: left; + width: 825px; +} + +.downloadIcon { + float: left; + margin-left: 8px; + margin-top: 5px; +} + +.blackColor{ + color: black; +} + +.colorF88017 { + color: #f88017 !important; +} + +.colorRed { + color : red !important; +} + + +.color666666 { + color: #666666 !important; +} + + +.color-green { + color : green !important; +} + +.tableCellRight { + width: 75px; + text-align: right; +} + +.tableCellCenter { + width: 125px; + text-align: center; + padding-left: 10px; + padding-right: 10px; + font-size: 11px; +} + +#no-trust-path { + text-align: center; + width: 850px; +} + +.cursor-help { + cursor : help; +} + +.cursor-default { + cursor: default; +} +.font-10{ + font-size: 10px; +} + +.font-11{ + font-size: 11px; +} + +.drown-test { + font-size: 12px; + color: grey; + line-height: 18px; +} + +/*ssltest/viewClient.vm*/ + +.display-none{ + display: none; +} + + +.infoBox { + border: 1px solid #bbbbbb; + padding: 5px; + background: #fffacd; + margin-top: 10px; + font-weight: bold; + color: #222222; +} + +.highlightBox { + border: 1px solid #888888; + padding: 5px; + background: #7ed84d; + margin-top: 10px; + font-weight: bold; + color: #222222; +} + +.noticeBox { + border: 1px solid #bbbbbb; + padding: 5px; + background: #CCEEFF; + margin-top: 10px; + font-weight: bold; + color: #222222; +} + +.warningBox { + border: 1px solid #bbbbbb; + padding: 5px; + background: #FFCF79; + margin-top: 10px; + font-weight: bold; + color: #222222; +} + +.errorBox { + border: 1px solid #bbbbbb; + padding: 5px; + background: #FFCCCB; + margin-top: 10px; + font-weight: bold; + color: #222222; +} + +#drownTable th { + color: #009ddf; + border-bottom: 2px solid #c6d2d4; + text-align: left; + font-size: 12px; + padding-top: 4px; + padding-bottom: 2px; +} + +#drownTable td { + text-align: left; + font-size: 12px; + padding-top: 4px; + padding-bottom: 2px; +} + +.warning-box-margin { + margin-top: 10px; +} + +.text-align-left { + text-align: left; +} + +/*ssltest/viewClient.vm*/ + +.report-title-style{ + color: black; + padding-top: 10px; +} + +/*ssltest/viewClient.vm*/ +.width-650{ + width: 650px; +} + +/*ssltest/viewClient.vm*/ +.browser-handshake-fail{ + font-size: 0.7em; + color: #666666; +} + +/*ssltest/viewClient.vm*/ +.warning-box-line-height{ + line-height: 145px; +} + +/*ssltest/viewClient.vm*/ +#protocolTestDiv, #ssl2TestDiv, #ssl3TestDiv, #appleTestDiv, #freakTestDiv, #jamTestDiv, #curveBallTestDiv { + display: none; +} + +#protocolTestMsg, #ssl2TestMsg, #ssl3TestMsg, #appleTestMsg, #freakTestMsg, #jamTestMsg, #curveBallTestMsg { + font-size: 16px; + font-weight: bold; +} + +#protocolTestMsgNotes, #ssl2TestMsgNotes, #ssl3TestMsgNotes, #appleTestMsgNotes, #freakTestMsgNotes, #jamTestMsgNotes, #curveBallTestMsgNotes { + color: grey; + font-size: 14px; +} + +.width-100{ + width : 100px; +} + +.report-table-margin{ + margin-left: 75px !important; +} + +.settings-message{ + width: 800px; + color: grey; + font-size: 12px; +} + +.category_width_0{ +width:0px; +} +.category_width_3{ +width:3px; +} +.category_width_6{ +width:6px; +} +.category_width_9{ +width:9px; +} +.category_width_12{ +width:12px; +} +.category_width_15{ +width:15px; +} +.category_width_18{ +width:18px; +} +.category_width_21{ +width:21px; +} +.category_width_24{ +width:24px; +} +.category_width_27{ +width:27px; +} +.category_width_30{ +width:30px; +} +.category_width_33{ +width:33px; +} +.category_width_36{ +width:36px; +} +.category_width_39{ +width:39px; +} +.category_width_42{ +width:42px; +} +.category_width_45{ +width:45px; +} +.category_width_48{ +width:48px; +} +.category_width_51{ +width:51px; +} +.category_width_54{ +width:54px; +} +.category_width_57{ +width:57px; +} +.category_width_60{ +width:60px; +} +.category_width_63{ +width:63px; +} +.category_width_66{ +width:66px; +} +.category_width_69{ +width:69px; +} +.category_width_72{ +width:72px; +} +.category_width_75{ +width:75px; +} +.category_width_78{ +width:78px; +} +.category_width_81{ +width:81px; +} +.category_width_84{ +width:84px; +} +.category_width_87{ +width:87px; +} +.category_width_90{ +width:90px; +} +.category_width_93{ +width:93px; +} +.category_width_96{ +width:96px; +} +.category_width_99{ +width:99px; +} +.category_width_102{ +width:102px; +} +.category_width_105{ +width:105px; +} +.category_width_108{ +width:108px; +} +.category_width_111{ +width:111px; +} +.category_width_114{ +width:114px; +} +.category_width_117{ +width:117px; +} +.category_width_120{ +width:120px; +} +.category_width_123{ +width:123px; +} +.category_width_126{ +width:126px; +} +.category_width_129{ +width:129px; +} +.category_width_132{ +width:132px; +} +.category_width_135{ +width:135px; +} +.category_width_138{ +width:138px; +} +.category_width_141{ +width:141px; +} +.category_width_144{ +width:144px; +} +.category_width_147{ +width:147px; +} +.category_width_150{ +width:150px; +} +.category_width_153{ +width:153px; +} +.category_width_156{ +width:156px; +} +.category_width_159{ +width:159px; +} +.category_width_162{ +width:162px; +} +.category_width_165{ +width:165px; +} +.category_width_168{ +width:168px; +} +.category_width_171{ +width:171px; +} +.category_width_174{ +width:174px; +} +.category_width_177{ +width:177px; +} +.category_width_180{ +width:180px; +} +.category_width_183{ +width:183px; +} +.category_width_186{ +width:186px; +} +.category_width_189{ +width:189px; +} +.category_width_192{ +width:192px; +} +.category_width_195{ +width:195px; +} +.category_width_198{ +width:198px; +} +.category_width_201{ +width:201px; +} +.category_width_204{ +width:204px; +} +.category_width_207{ +width:207px; +} +.category_width_210{ +width:210px; +} +.category_width_213{ +width:213px; +} +.category_width_216{ +width:216px; +} +.category_width_219{ +width:219px; +} +.category_width_222{ +width:222px; +} +.category_width_225{ +width:225px; +} +.category_width_228{ +width:228px; +} +.category_width_231{ +width:231px; +} +.category_width_234{ +width:234px; +} +.category_width_237{ +width:237px; +} +.category_width_240{ +width:240px; +} +.category_width_243{ +width:243px; +} +.category_width_246{ +width:246px; +} +.category_width_249{ +width:249px; +} +.category_width_252{ +width:252px; +} +.category_width_255{ +width:255px; +} +.category_width_258{ +width:258px; +} +.category_width_261{ +width:261px; +} +.category_width_264{ +width:264px; +} +.category_width_267{ +width:267px; +} +.category_width_270{ +width:270px; +} +.category_width_273{ +width:273px; +} +.category_width_276{ +width:276px; +} +.category_width_279{ +width:279px; +} +.category_width_282{ +width:282px; +} +.category_width_285{ +width:285px; +} +.category_width_288{ +width:288px; +} +.category_width_291{ +width:291px; +} +.category_width_294{ +width:294px; +} +.category_width_297{ +width:297px; +} +.category_width_300{ +width:300px; +} + +/*ssltest/clients.html*/ +.h { + color: green; +} + +.w { + color: #F88017; +} + +.e { + color: red; +} + + +/*projects/documentation/*/ + +.openssl-book-style{ +margin-right: 10px; margin-top: 5px; +} + +.minisite-header-3pixel{ + padding-bottom: 3px; +} + +.minisite-header{ + padding-bottom: 1px; +} + + +/*ssltest/blacklistcheck.html*/ +#donot-scan-list { + font-size: 16px; + line-height: 24px; +} + + +/*about/activityLog.vm*/ +#activityTable th { + font-size: 13px; +} + +#activityTable td { + font-size: 13px; +} \ No newline at end of file diff --git a/security/2020-07_SSL_Server_Test_luxeylab.net_files/qualys-ssl-labs-logo.png b/security/2020-07_SSL_Server_Test_luxeylab.net_files/qualys-ssl-labs-logo.png new file mode 100644 index 0000000..7301302 Binary files /dev/null and b/security/2020-07_SSL_Server_Test_luxeylab.net_files/qualys-ssl-labs-logo.png differ