testssl.sh/etc
Dirk ca34e3fc12 Updated client simulation
SSLabs API only added one newer version of Chrome (70) and one newer version
of Firefox (62).

Thus the wishlist gets longer (c15e0425dc).
Missing is Android 8 and 9, OpenSSL 1.1.1, Safari on OSX 11 and 12. Java 10
and 11.

Fix #1104
2018-11-05 22:47:28 +01:00
..
Apple.pem update of certificate stores, except MS 2017-09-18 14:18:00 +02:00
Linux.pem update of certificate stores, except MS 2017-09-18 14:18:00 +02:00
Microsoft.pem added MS CA store, see #825 2017-09-19 15:15:54 +02:00
Mozilla.pem update of certificate stores, except MS 2017-09-18 14:18:00 +02:00
README.md Update README.md 2017-09-19 14:50:08 +02:00
ca_hashes.txt added MS CA store, see #825 2017-09-19 15:15:54 +02:00
cipher-mapping.txt Correct new openssl cipher name 2018-11-02 14:04:12 +01:00
client-simulation.txt Updated client simulation 2018-11-05 22:47:28 +01:00
common-primes.txt Remove duplicate common primes 2018-07-23 13:48:18 -04:00
curves.txt - added values to curve448 + 25519 2016-06-09 13:18:55 +02:00
tls_data.txt Remove '0a' character from public keys 2018-09-21 17:07:46 -04:00

README.md

Certificate stores

The certificate stores were retrieved by

In this directory you can also save e.g. your company Root CA(s) in PEM format, extension pem. This has two catches momentarily: You will still get a warning for the other certificate stores while scanning internal net- works. Second catch: If you scan other hosts in the internet the check against your Root CA will fail, too. This will be fixed in the future, see #230.

Further needed files

  • tls_data.txt contains lists of cipher suites and private keys for sockets-based tests

  • cipher-mapping.txt contains information about all of the cipher suites defined for SSL/TLS

  • ca_hashes.txt is used for HPKP test in order to have a fast comparison with known CAs. Use ~/utils/create_ca_hashes.sh for an update

  • common-primes.txt is used for LOGJAM

  • client-simulation.txt as the name indicates it's the data for the client simulation. Use ~/utils/update_client_sim_data.pl for an update. Note: This list has been manually edited to sort it and weed it out.