How to get ciphers and protocols that running port use on the server

Replace Server and port on the below snippet and run the for loop .It will list all the Protocols and ciphers supported by the port on the server 
We can use the same snippet to get the ciphers and protocals from from remote server also 
This can only run from Linux/Aix/Sol server

for v in ssl2 ssl3 tls1 tls1_1 tls1_2; do
   for c in $(openssl ciphers 'ALL:eNULL' | tr ':' ' '); do
     openssl s_client -connect SERVERIP:PORT -cipher $c -$v < /dev/null > /dev/null 2>&1 && echo $v:\t$c
  done
done

For example i have Linux server where 631 port is up and listening .
Now i want to get the list of Protocols and Cihpers that this server and port supporting .
Replace the IP and port on the given ssl snippet and run on the server . Refer below output.
[wlsuser@localhost tmp]$ netstat -tnpl |grep 631
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN –
tcp6 0 0 ::1:631 :::* LISTEN –
[wlsuser@localhost tmp]$ for v in ssl2 ssl3 tls1 tls1_1 tls1_2;

do for c in $(openssl ciphers ‘ALL:eNULL’ | tr ‘:’ ‘ ‘); do
openssl s_client -connect 127.0.0.1:631 -cipher $c -$v < /dev/null > /dev/null 2>&1 && echo $v:\t$c
done
done
tls1:tAES256-SHA


tls1:tCAMELLIA256-SHA


tls1:tAES128-SHA


tls1:tSEED-SHA


tls1:tCAMELLIA128-SHA


tls1:tDES-CBC3-SHA


tls1:tIDEA-CBC-SHA


tls1_1:tAES256-SHA


tls1_1:tCAMELLIA256-SHA


tls1_1:tAES128-SHA


tls1_1:tSEED-SHA


tls1_1:tCAMELLIA128-SHA


tls1_1:tDES-CBC3-SHA


tls1_1:tIDEA-CBC-SHA


tls1_2:tAES256-GCM-SHA384


tls1_2:tAES256-SHA256


tls1_2:tAES256-SHA


tls1_2:tCAMELLIA256-SHA


tls1_2:tAES128-GCM-SHA256


tls1_2:tAES128-SHA256


tls1_2:tAES128-SHA


tls1_2:tSEED-SHA


tls1_2:tCAMELLIA128-SHA


tls1_2:tDES-CBC3-SHA


tls1_2:tIDEA-CBC-SHA
[wlsuser@localhost tmp]$

To know Equivalent Java cipher refer referLink

Related Posts

One thought on “How to get ciphers and protocols that running port use on the server

Leave a Reply

Your email address will not be published. Required fields are marked *