@JeromeDavies1 Sorry for the late reply. This is most likely an error in the https://t.co/hD26ep8O4f scan engine that fails to get the right OCSP headers. There will be an update soon; most likely nothing to worry about. Tell me your domain if you want an individual check.
@JeromeDavies1 That is a bug on our side. The underlying scan engine had that fixed recently and I still need to integrate that into the website. Sorry for that!
The website of https://t.co/fo6dsKkp2K no longer references any external resources. Instead we host all JS & CSS on our server. Kicking out CDNs sacrifices some speed for privacy. Do you think it is worth it?
Fixed: scanning TCP ports over #IPv6 for #TLS configuration and vulnerabilities with https://t.co/CTEYVC2srZ is now working again. Sorry for the inconvenience.
Today we fixed an issue where expired intermediate certificates provided by a #TLS server caused https://t.co/CTEYVC2srZ to report an "expired" chain of trust, even if a trusted root CA certificate upheld a valid chain, like with the DST Root CA X3 from Let's Encrypt, which expired today.
Maybe no single entity has contributed more to spreading #TLS than @letsencrypt - kudos! But simultaneously, LE is becoming a big single-point-of-failure.
Did you know there are alternative CAs providing free certificates and ACME client support, like @zerosslHQ or @buypass?
@yegle The issue has been fixed now. Thanks for bringing that to my attention!
Root cause was a bug in OpenSSL 1.0.2 - see https://t.co/sGafRjoLMS. Upgrading to OpenSSL 1.1 is not an option as https://t.co/CTEYVC2srZ still needs to talk to old & rusty servers.
@yegle After some more research I can acknowledge that there is an issue with Let's Encrypt's DST Root CA X3 expiration. Servers that include the full certificate chain (as recommended by LE for Android devices) get detected as "Chain Of Trust: failed (expired)". Will keep you posted.
@yegle Yes, that should be handled correctly. Keep in mind that the server certificate determines the chain upwards till the CA cert. If you tell me the domain, I will cross-check that for you.
I love how @letsencrypt is making the Internet a more secure place. But with their huge success we are centralizing #TLS #certificate issuance and creating a single point of failure. Shouldn't there be a dozen or so independent letsencrypts?
Glad to see a web browser finally supporting a much needed #security feature, #HTTPS-only-mode: https://t.co/KM9xW6QzuC I hope that the other vendors will follow #Firefox on this feature.
Small feature but nevertheless: #download of the #certificate from your #SSL/#TLS service is now possible on https://t.co/CTEYVC2srZ. I am embedding those using "data" URL scheme with base64 encoding; do all browsers support that?
After adding some ๐ you can now scan any TCP port for #SSL/#TLS issues on https://t.co/RlNdUXiBe9 - just enter "host:port" or "IP:port". Oh, yes #IPv6 works as well. What bad config did you find?
Big thanks to everyone giving lots of feedback during the last week via Twitter and Reddit. First improvement: scanning IPv6 targets with TestTLS is now also possible. Does that work for you as expected? Please like. If not, please comment.
@yschimke Client compatibility is taken from ssllabs API via https://t.co/hD26ep8O4f - see https://t.co/9MxjvFyNHg
Android docs at https://t.co/Xg6qdAyVSb claim that TLS 1.2 client sockets are available from Jelly Bean (4.1) but enabled by default only from Lollipop (5.0). So YMMV.
Super excited to launch a new service to test the #tls #security of your server: Check out https://t.co/AsiemfpVub - not just for HTTPS but many other ports. What do you think?
@digininja @BeanBagKing Currently it is one single call but for faster tests I will run smaller chunks in parallel later. Retesting only failed items is a good idea to speed things up. Until you break one part while trying to repair another. Maybe prioritize the failed part then trigger a full scan?
@digininja @BeanBagKing Showing the command in the report alongside the versions makes sense and will improve transparency for the users.
Not sure what you mean by the second part. Retesting findings on the CLI?
@digininja Thanks for the feedback! Scoring is high on my wish list as well. Just not sure if I should apply the scoring rules from SSLlabs or create my own set of rules. I like compatibility.