How to find the SSL Version and Cipher type used by a secure website

From DOS prompt, type OPENSSL s_client -connect http://www.yourwebsite.com:443

In order to find the SSL cipher being used by a particular HTTPS website, follow the steps specified below:

1. Launch a DOS Prompt.
2. Browse to the LoadRunner\bin folder.
3. Type in openssl and press ENTER. After this you would notice the prompt change toOPENSSL>.
4. Type in the following command

   OPENSSL>s_client -connect http://www.yourwebsite.com:443

The above statement will make the initial SSL handshake and the display output after the handshake is completed. The information will look as follows:

   —
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 1024 bit
SSL-Session:
Protocol : TLSv1
Cipher : RC4-MD5

This indicates that the SSL Version is 3 and the SSL Cipher being used is “RC4-MD5.”

The SSL version and Cipher type can be set in Vuser script using the web_set_sockets_options() function.

Note:If you get error as shown below, make sure that you are able to ping the server from the machine from which openssl command was run.
gethostbyname failure
connect:errno=11004
error in s_client’

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s