Replace SERVERIP and PORT in the snippet below and run the for loop. It lists all the protocols and ciphers supported by that port on the server. The same snippet can also be used to get the ciphers and protocols of a remote server. It can only be run from a Linux/AIX/Solaris server.

# Try every cipher the local openssl knows against each protocol version;
# print protocol<TAB>cipher for each handshake that succeeds.
for v in ssl2 ssl3 tls1 tls1_1 tls1_2; do
  for c in $(openssl ciphers 'ALL:eNULL' | tr ':' ' '); do
    openssl s_client -connect SERVERIP:PORT -cipher "$c" -"$v" < /dev/null > /dev/null 2>&1 && printf '%s\t%s\n' "$v" "$c"
  done
done

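For example, I have a Linux server where port 631 is up and listening.
Now I want to get the list of protocols and ciphers that this server and port support.
Replace the IP and port in the given snippet and run it on the server. Refer to the output below. In this run the \t in the echo is unquoted, so the shell prints it as a literal t: a line such as tls1:tAES256-SHA means protocol tls1 with cipher AES256-SHA.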
[wlsuser@localhost tmp]$ netstat -tnpl |grep 631
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
[wlsuser@localhost tmp]$ for v in ssl2 ssl3 tls1 tls1_1 tls1_2;
do for c in $(openssl ciphers 'ALL:eNULL' | tr ':' ' '); do
openssl s_client -connect 127.0.0.1:631 -cipher $c -$v < /dev/null > /dev/null 2>&1 && echo $v:\t$c
done
done
tls1:tAES256-SHA
tls1:tCAMELLIA256-SHA
tls1:tAES128-SHA
tls1:tSEED-SHA
tls1:tCAMELLIA128-SHA
tls1:tDES-CBC3-SHA
tls1:tIDEA-CBC-SHA
tls1_1:tAES256-SHA
tls1_1:tCAMELLIA256-SHA
tls1_1:tAES128-SHA
tls1_1:tSEED-SHA
tls1_1:tCAMELLIA128-SHA
tls1_1:tDES-CBC3-SHA
tls1_1:tIDEA-CBC-SHA
tls1_2:tAES256-GCM-SHA384
tls1_2:tAES256-SHA256
tls1_2:tAES256-SHA
tls1_2:tCAMELLIA256-SHA
tls1_2:tAES128-GCM-SHA256
tls1_2:tAES128-SHA256
tls1_2:tAES128-SHA
tls1_2:tSEED-SHA
tls1_2:tCAMELLIA128-SHA
tls1_2:tDES-CBC3-SHA
tls1_2:tIDEA-CBC-SHA
[wlsuser@localhost tmp]$
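
To triage results like the ones above, the following added example (not part of the original post) rates each protocol:cipher line the loop prints. The WEAK / LEGACY / OK labels, the function names rate_line and rate_scan, and the sample lines are assumptions of this example.

```shell
#!/bin/sh
# Added example: rate each "protocol:cipher" line printed by the scan loop.
# The WEAK / LEGACY / OK labels are this example's own, not an OpenSSL feature.

rate_line() {   # $1 = one result line, e.g. "tls1_2:tAES256-GCM-SHA384"
    proto=${1%%:*}
    cipher=${1#*:}
    # The loop's unquoted \t prints a literal "t". OpenSSL cipher names start
    # with an upper-case letter, so dropping one leading "t" (or tab) is safe.
    cipher=${cipher#t}
    cipher=$(printf '%s' "$cipher" | tr -d '\t')
    rating=OK
    why=
    case $cipher in
        ECDHE-*|DHE-*|TLS_*|ADH-*|AECDH-*) ;;   # ephemeral key exchange
        *) rating=LEGACY; why="$why,no-forward-secrecy" ;;
    esac
    case $cipher in
        *GCM*|*CCM*|*CHACHA20*) ;;              # AEAD modes
        *) rating=LEGACY; why="$why,not-AEAD" ;;
    esac
    case $cipher in
        *NULL*|*EXP*|*RC4*|*RC2*|*DES*|*IDEA*|*MD5*|ADH-*|AECDH-*)
            rating=WEAK; why="$why,weak-or-unauthenticated-cipher" ;;
    esac
    case $proto in
        ssl2|ssl3|tls1|tls1_1) rating=WEAK; why="$why,deprecated-protocol" ;;
    esac
    printf '%s %s %s%s\n' "$rating" "$proto" "$cipher" "${why:+ ${why#,}}"
}

rate_scan() {   # reads scan output on stdin, prints one rated line per result
    while IFS= read -r line; do
        [ -n "$line" ] && rate_line "$line"
    done
    return 0
}

# Constructed sample: four lines in the output format shown above.
sample='tls1:tDES-CBC3-SHA
tls1_2:tAES256-GCM-SHA384
tls1_2:tIDEA-CBC-SHA
tls1_2:tAES128-SHA256'

printf '%s\n' "$sample" | rate_scan
```

Pipe the loop's output into rate_scan to rate a real scan. A protocol missing from that output is not proof that the server rejects it: the loop discards stderr, so a local OpenSSL build that lacks the -ssl2 or -ssl3 option fails silently in the same way as a refused handshake.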