diff --git a/README.md b/README.md index 398b2be..73b4f8a 100644 --- a/README.md +++ b/README.md @@ -1,14 +1,22 @@ # SSL Labs Scan [![githubactions](https://github.com/kyhau/ssllabs-scan/workflows/Build-Test/badge.svg)](https://github.com/kyhau/ssllabs-scan/actions) -[![travisci](https://travis-ci.org/kyhau/ssllabs-scan.svg?branch=master)](https://travis-ci.org/kyhau/ssllabs-scan) +[![travisci](https://travis-ci.org/kyhau/ssllabs-scan.svg?branch=master)](https://travis-ci.org/kyhau/ssllabs-scan) [![codecov](https://codecov.io/gh/kyhau/ssllabs-scan/branch/master/graph/badge.svg)](https://codecov.io/gh/kyhau/ssllabs-scan) [![License](https://img.shields.io/badge/license-MIT-blue.svg)](http://en.wikipedia.org/wiki/MIT_License) Support Python >= 3.6 -Call SSL Labs [API](https://github.com/ssllabs/ssllabs-scan/blob/stable/ssllabs-api-docs.md) to do SSL testings -on servers. +This tool calls the SSL Labs [API v2](https://github.com/ssllabs/ssllabs-scan/blob/master/ssllabs-api-docs.md) to do SSL testings on servers. + +- **TODO**: use v3 instead of v2 +- **NOTE**: Please note that the SSL Labs Assessment API has access rate limits. You can find more details in the sections "Error Response Status Codes" and "Access Rate and Rate Limiting" in the official [SSL Labs API Documentation](https://github.com/ssllabs/ssllabs-scan/blob/master/ssllabs-api-docs.md). Some common status codes are: + - 400 - invocation error (e.g., invalid parameters) + - 429 - client request rate too high or too many new assessments too fast + - 500 - internal error + - 503 - the service is not available (e.g., down for maintenance) + - 529 - the service is overloaded + ## Input and Output diff --git a/ReleaseNotes.md b/ReleaseNotes.md index c8316ff..147568c 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -1,3 +1,7 @@ +1.1.0 - 2020-12-16 +================== +- Added "supportsRc4", "rc4WithModern" and "rc4Only" to the html summary. + 1.0.1 - 2020-02-12 ================== - When the API server is overloaded with requests it returns response.status_code 529. In this case request_api() diff --git a/sample/SampleHtmlOutput.png b/sample/SampleHtmlOutput.png index 39ec104..3b13061 100644 Binary files a/sample/SampleHtmlOutput.png and b/sample/SampleHtmlOutput.png differ diff --git a/sample/SampleServerList.txt b/sample/SampleServerList.txt index 699c65c..a29c48c 100644 --- a/sample/SampleServerList.txt +++ b/sample/SampleServerList.txt @@ -1 +1,2 @@ +duckduckgo.com google.com \ No newline at end of file diff --git a/sample/duckduckgo.com.json b/sample/duckduckgo.com.json new file mode 100644 index 0000000..e77a3a0 --- /dev/null +++ b/sample/duckduckgo.com.json @@ -0,0 +1,1144 @@ +{ + "host": "duckduckgo.com", + "port": 443, + "protocol": "http", + "isPublic": false, + "status": "READY", + "startTime": 1608111674810, + "testTime": 1608111772601, + "engineVersion": "2.1.8", + "criteriaVersion": "2009q", + "endpoints": [ + { + "ipAddress": "52.250.42.157", + "statusMessage": "Ready", + "grade": "A+", + "gradeTrustIgnored": "A+", + "hasWarnings": false, + "isExceptional": true, + "progress": 100, + "duration": 97701, + "eta": 5, + "delegation": 1, + "details": { + "hostStartTime": 1608111674810, + "key": { + "size": 2048, + "alg": "RSA", + "debianFlaw": false, + "strength": 2048 + }, + "cert": { + "subject": "CN=*.duckduckgo.com, O=\"Duck Duck Go, Inc.\", L=Paoli, ST=Pennsylvania, C=US", + "commonNames": [ + "*.duckduckgo.com" + ], + "altNames": [ + "*.duckduckgo.com", + "duckduckgo.com" + ], + "notBefore": 1602201600000, + "notAfter": 1636502400000, + "issuerSubject": "CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US", + "issuerLabel": "DigiCert SHA2 Secure Server CA", + "sigAlg": "SHA256withRSA", + "revocationInfo": 3, + "crlURIs": [ + "http://crl3.digicert.com/ssca-sha2-g7.crl" + ], + "ocspURIs": [ + "http://ocsp.digicert.com" + ], + "revocationStatus": 2, + "crlRevocationStatus": 2, + "ocspRevocationStatus": 2, + "sgc": 0, + "issues": 0, + "sct": true, + "mustStaple": 0, + "sha1Hash": "27da3af20c25c68bd13e368290c28a427b423494", + "pinSha256": "aaQNUnC/SrN0xzwnhyUVAV4OAvBKr10pcojTTdQg3j0=" + }, + "chain": { + "certs": [ + { + "subject": "CN=*.duckduckgo.com, O=\"Duck Duck Go, Inc.\", L=Paoli, ST=Pennsylvania, C=US", + "label": "*.duckduckgo.com", + "notBefore": 1602201600000, + "notAfter": 1636502400000, + "issuerSubject": "CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US", + "issuerLabel": "DigiCert SHA2 Secure Server CA", + "sigAlg": "SHA256withRSA", + "issues": 0, + "keyAlg": "RSA", + "keySize": 2048, + "keyStrength": 2048, + "revocationStatus": 2, + "crlRevocationStatus": 2, + "ocspRevocationStatus": 2, + "sha1Hash": "27da3af20c25c68bd13e368290c28a427b423494", + "pinSha256": "aaQNUnC/SrN0xzwnhyUVAV4OAvBKr10pcojTTdQg3j0=", + "raw": "-----BEGIN CERTIFICATE-----\nMIIGNDCCBRygAwIBAgIQCyGRH0tQ5EYvK8SFwKOrejANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQG\r\nEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3Vy\r\nZSBTZXJ2ZXIgQ0EwHhcNMjAxMDA5MDAwMDAwWhcNMjExMTEwMDAwMDAwWjBsMQswCQYDVQQGEwJV\r\nUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMQ4wDAYDVQQHEwVQYW9saTEbMBkGA1UEChMSRHVjayBE\r\ndWNrIEdvLCBJbmMuMRkwFwYDVQQDDBAqLmR1Y2tkdWNrZ28uY29tMIIBIjANBgkqhkiG9w0BAQEF\r\nAAOCAQ8AMIIBCgKCAQEAriX48ii0YZNNQap1XyNvF2xcET9b8xyDC75sws3I1Lsqv70cgpxba7Uf\r\n7QZDdI/Tuc4NUpXQYcigi2jAzhDCxC20RaTLyeWgqVsBlR8SDXjXJuIL+POmpTjDYfBYv8FKxFGV\r\nPnhAwVrNKsNcnPWyROwnE5j3f0iwAiOVkxvWrCGiWq1kL+lI7/ySgRaxPwo/7sjUfsEMX88GgAma\r\ndrbkhZ8XQN2NO9F8NIXQQtTH6sXuqSgTibxM9Legs7JXRtR1ZXRTmhsAx+XkwRVH2Tfab3bqe/IJ\r\nnXo7+Ugi6NtCZjLL3kIdG/N9uNbAW/t5mqQEqqIPZiCddg6Oo/XS2kiPGwIDAQABo4IC7zCCAusw\r\nHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFBhWnjl/xGxse6QlSyJT\r\nbfR2CNg6MCsGA1UdEQQkMCKCECouZHVja2R1Y2tnby5jb22CDmR1Y2tkdWNrZ28uY29tMA4GA1Ud\r\nDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2g\r\nK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNy5jcmwwL6AtoCuGKWh0dHA6\r\nLy9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzcuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9\r\nbAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIC\r\nMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYG\r\nCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJl\r\nU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgD2XJQv\r\n0XcwIhRUGAgwlFaO400TGTO/3wwvIAvMTvFk4wAAAXUN56bbAAAEAwBHMEUCIDRdbtL7+06qIRvQ\r\nGLQ7xqdOVMzFD6busK2JLhOnGMXxAiEA9r9JNr6U7qfcScFBJgjHS7+yegk8nYbXZFDgqb2SeK4A\r\ndgBc3EOS/uarRUSxXprUVuYQN/vV+kfcoXOUsl7m9scOygAAAXUN56cqAAAEAwBHMEUCICm3BPQf\r\n0TuBFz/8cbPumqFNQm78WLh5lA/bQUjQ3hmKAiEAq1ctTcCJhP72zTuPWYKKWQ4a0JYG1ubqRnou\r\nHUIe0qAwDQYJKoZIhvcNAQELBQADggEBAH0n//gW4Awn/TV2AboAxr5cM2XjLj6qEwCZZCXV279S\r\nSAEbaeRlXmIzqfc2Sf0VBjynwkmbr+73mnQTFflEVzjt1lBl3SACqIreyMPJIP1TxXeHXqoQyI66\r\nnIf283P7LpNnVS6s3zU9tD3PlyGoK6zQcixdQUQaCNXClmL1dbpW8DcNc0nx5GszDF6E3mkAPpM1\r\nIKco1z5KqOFB+YR156emy1ZIXI0qX9Xfw50SVupKccL7nBzBmNa8Mn8u9nqHrdR9ssfzqUW013vE\r\nMqt9zv3XcEgRZOfr1y+M7CFJwtA6CzJsB4JXyx6GfhbztY/KjfEd4qZyKElSnDCgRJxDztk=\r\n-----END CERTIFICATE-----\n" + }, + { + "subject": "CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US", + "label": "DigiCert SHA2 Secure Server CA", + "notBefore": 1362744000000, + "notAfter": 1678276800000, + "issuerSubject": "CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US", + "issuerLabel": "DigiCert Global Root CA", + "sigAlg": "SHA256withRSA", + "issues": 0, + "keyAlg": "RSA", + "keySize": 2048, + "keyStrength": 2048, + "revocationStatus": 2, + "crlRevocationStatus": 2, + "ocspRevocationStatus": 2, + "sha1Hash": "1fb86b1168ec743154062e8c9cc5b171a4b7ccb4", + "pinSha256": "5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=", + "raw": "-----BEGIN CERTIFICATE-----\nMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQG\r\nEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw\r\nHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgx\r\nMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRp\r\nZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC\r\nggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSv\r\nx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1\r\nm5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatE\r\np0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJ\r\nTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQI\r\nMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0\r\ncDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2lj\r\nZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2lj\r\nZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYI\r\nKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHV\r\nLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB\r\nCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyY\r\noiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gz\r\nbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8s\r\njX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopY\r\nJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\r\n-----END CERTIFICATE-----\n" + } + ], + "issues": 0 + }, + "protocols": [ + { + "id": 771, + "name": "TLS", + "version": "1.2" + } + ], + "suites": { + "list": [ + { + "id": 4866, + "name": "TLS_AES_256_GCM_SHA384", + "cipherStrength": 256, + "ecdhBits": 256, + "ecdhStrength": 3072 + }, + { + "id": 4867, + "name": "TLS_CHACHA20_POLY1305_SHA256", + "cipherStrength": 256, + "ecdhBits": 256, + "ecdhStrength": 3072 + }, + { + "id": 4865, + "name": "TLS_AES_128_GCM_SHA256", + "cipherStrength": 128, + "ecdhBits": 256, + "ecdhStrength": 3072 + }, + { + "id": 49199, + "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "cipherStrength": 128, + "ecdhBits": 256, + "ecdhStrength": 3072 + }, + { + "id": 49191, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", + "cipherStrength": 128, + "ecdhBits": 256, + "ecdhStrength": 3072 + }, + { + "id": 49171, + "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "cipherStrength": 128, + "ecdhBits": 256, + "ecdhStrength": 3072 + }, + { + "id": 156, + "name": "TLS_RSA_WITH_AES_128_GCM_SHA256", + "cipherStrength": 128 + }, + { + "id": 49312, + "name": "TLS_RSA_WITH_AES_128_CCM_8", + "cipherStrength": 128 + }, + { + "id": 49308, + "name": "TLS_RSA_WITH_AES_128_CCM", + "cipherStrength": 128 + }, + { + "id": 60, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA256", + "cipherStrength": 128 + }, + { + "id": 47, + "name": "TLS_RSA_WITH_AES_128_CBC_SHA", + "cipherStrength": 128 + }, + { + "id": 49200, + "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "cipherStrength": 256, + "ecdhBits": 256, + "ecdhStrength": 3072 + }, + { + "id": 49192, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", + "cipherStrength": 256, + "ecdhBits": 256, + "ecdhStrength": 3072 + }, + { + "id": 49172, + "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "cipherStrength": 256, + "ecdhBits": 256, + "ecdhStrength": 3072 + }, + { + "id": 157, + "name": "TLS_RSA_WITH_AES_256_GCM_SHA384", + "cipherStrength": 256 + }, + { + "id": 49313, + "name": "TLS_RSA_WITH_AES_256_CCM_8", + "cipherStrength": 256 + }, + { + "id": 49309, + "name": "TLS_RSA_WITH_AES_256_CCM", + "cipherStrength": 256 + }, + { + "id": 61, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA256", + "cipherStrength": 256 + }, + { + "id": 53, + "name": "TLS_RSA_WITH_AES_256_CBC_SHA", + "cipherStrength": 256 + } + ], + "preference": true + }, + "serverSignature": "nginx", + "prefixDelegation": false, + "nonPrefixDelegation": true, + "vulnBeast": false, + "renegSupport": 2, + "stsStatus": "present", + "stsResponseHeader": "max-age=31536000", + "stsMaxAge": 31536000, + "stsSubdomains": false, + "stsPreload": false, + "sessionResumption": 2, + "compressionMethods": 0, + "supportsNpn": true, + "npnProtocols": "h2 http/1.1", + "supportsAlpn": true, + "sessionTickets": 1, + "ocspStapling": true, + "staplingRevocationStatus": 2, + "sniRequired": false, + "httpStatusCode": 200, + "supportsRc4": false, + "rc4WithModern": false, + "rc4Only": false, + "forwardSecrecy": 4, + "protocolIntolerance": 0, + "miscIntolerance": 0, + "sims": { + "results": [ + { + "client": { + "id": 56, + "name": "Android", + "version": "2.3.7", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 58, + "name": "Android", + "version": "4.0.4", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 59, + "name": "Android", + "version": "4.1.1", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 60, + "name": "Android", + "version": "4.2.2", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 61, + "name": "Android", + "version": "4.3", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 62, + "name": "Android", + "version": "4.4.2", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 88, + "name": "Android", + "version": "5.0.0", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 129, + "name": "Android", + "version": "6.0", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 167, + "name": "Android", + "version": "7.0", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 168, + "name": "Android", + "version": "8.0", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 157, + "name": "Android", + "version": "8.1", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 158, + "name": "Android", + "version": "9.0", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 94, + "name": "Baidu", + "version": "Jan 2015", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 91, + "name": "BingPreview", + "version": "Jan 2015", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 136, + "name": "Chrome", + "platform": "XP SP3", + "version": "49", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 152, + "name": "Chrome", + "platform": "Win 7", + "version": "69", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 153, + "name": "Chrome", + "platform": "Win 10", + "version": "70", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 170, + "name": "Chrome", + "platform": "Win 10", + "version": "80", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 84, + "name": "Firefox", + "platform": "Win 7", + "version": "31.3.0 ESR", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 132, + "name": "Firefox", + "platform": "Win 7", + "version": "47", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 137, + "name": "Firefox", + "platform": "XP SP3", + "version": "49", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 151, + "name": "Firefox", + "platform": "Win 7", + "version": "62", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 171, + "name": "Firefox", + "platform": "Win 10", + "version": "73", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 145, + "name": "Googlebot", + "version": "Feb 2018", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 100, + "name": "IE", + "platform": "XP", + "version": "6", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 19, + "name": "IE", + "platform": "Vista", + "version": "7", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 101, + "name": "IE", + "platform": "XP", + "version": "8", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 113, + "name": "IE", + "platform": "Win 7", + "version": "8-10", + "isReference": true + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 143, + "name": "IE", + "platform": "Win 7", + "version": "11", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49191, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 134, + "name": "IE", + "platform": "Win 8.1", + "version": "11", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49191, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 64, + "name": "IE", + "platform": "Win Phone 8.0", + "version": "10", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 65, + "name": "IE", + "platform": "Win Phone 8.1", + "version": "11", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49191, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 106, + "name": "IE", + "platform": "Win Phone 8.1 Update", + "version": "11", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49191, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 131, + "name": "IE", + "platform": "Win 10", + "version": "11", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 144, + "name": "Edge", + "platform": "Win 10", + "version": "15", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 159, + "name": "Edge", + "platform": "Win 10", + "version": "16", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 160, + "name": "Edge", + "platform": "Win 10", + "version": "18", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 120, + "name": "Edge", + "platform": "Win Phone 10", + "version": "13", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 25, + "name": "Java", + "version": "6u45", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 26, + "name": "Java", + "version": "7u25", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 147, + "name": "Java", + "version": "8u161", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 162, + "name": "Java", + "version": "11.0.3", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 163, + "name": "Java", + "version": "12.0.1", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 27, + "name": "OpenSSL", + "version": "0.9.8y", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 99, + "name": "OpenSSL", + "version": "1.0.1l", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 164, + "name": "OpenSSL", + "version": "1.0.2s", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 169, + "name": "OpenSSL", + "version": "1.1.0k", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 165, + "name": "OpenSSL", + "version": "1.1.1c", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 32, + "name": "Safari", + "platform": "OS X 10.6.8", + "version": "5.1.9", + "isReference": false + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 33, + "name": "Safari", + "platform": "iOS 6.0.1", + "version": "6", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49191, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 34, + "name": "Safari", + "platform": "OS X 10.8.4", + "version": "6.0.4", + "isReference": true + }, + "errorCode": 1, + "attempts": 0 + }, + { + "client": { + "id": 63, + "name": "Safari", + "platform": "iOS 7.1", + "version": "7", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49191, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 35, + "name": "Safari", + "platform": "OS X 10.9", + "version": "7", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49191, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 85, + "name": "Safari", + "platform": "iOS 8.4", + "version": "8", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49191, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 87, + "name": "Safari", + "platform": "OS X 10.10", + "version": "8", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49191, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 114, + "name": "Safari", + "platform": "iOS 9", + "version": "9", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 111, + "name": "Safari", + "platform": "OS X 10.11", + "version": "9", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 140, + "name": "Safari", + "platform": "iOS 10", + "version": "10", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 138, + "name": "Safari", + "platform": "OS X 10.12", + "version": "10", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 161, + "name": "Safari", + "platform": "MacOS 10.14.6 Beta", + "version": "12.1.2", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 166, + "name": "Safari", + "platform": "iOS 12.3.1", + "version": "12.1.1", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 112, + "name": "Apple ATS", + "platform": "iOS 9", + "version": "9", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 92, + "name": "Yahoo Slurp", + "version": "Jan 2015", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 93, + "name": "YandexBot", + "version": "Jan 2015", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49199, + "kxInfo": "ECDH secp256r1" + } + ] + }, + "heartbleed": false, + "heartbeat": false, + "openSslCcs": 1, + "openSSLLuckyMinus20": 1, + "poodle": false, + "poodleTls": 1, + "fallbackScsv": true, + "freak": false, + "hasSct": 1, + "logjam": false, + "hstsPolicy": { + "LONG_MAX_AGE": 15552000, + "header": "max-age=31536000", + "status": "present", + "maxAge": 31536000, + "directives": { + "max-age": "31536000" + } + }, + "hstsPreloads": [ + { + "source": "Chrome", + "hostname": "duckduckgo.com", + "status": "absent", + "sourceTime": 1608109802581 + }, + { + "source": "Edge", + "hostname": "duckduckgo.com", + "status": "absent", + "sourceTime": 1608111661651 + }, + { + "source": "Firefox", + "hostname": "duckduckgo.com", + "status": "absent", + "sourceTime": 1608111661651 + }, + { + "source": "IE", + "hostname": "duckduckgo.com", + "status": "absent", + "sourceTime": 1608111661651 + } + ], + "hpkpPolicy": { + "status": "absent", + "pins": [], + "matchedPins": [], + "directives": [] + }, + "hpkpRoPolicy": { + "status": "absent", + "pins": [], + "matchedPins": [], + "directives": [] + }, + "drownHosts": [], + "drownErrors": false, + "drownVulnerable": false + } + } + ] +} \ No newline at end of file diff --git a/sample/google.com.json b/sample/google.com.json index fb6814e..16d7f86 100644 --- a/sample/google.com.json +++ b/sample/google.com.json @@ -1,28 +1,28 @@ { "host": "google.com", "port": 443, - "protocol": "HTTP", + "protocol": "http", "isPublic": false, "status": "READY", - "startTime": 1554368435610, - "testTime": 1554368615496, - "engineVersion": "1.33.1", - "criteriaVersion": "2009p", + "startTime": 1608111800657, + "testTime": 1608112017068, + "engineVersion": "2.1.8", + "criteriaVersion": "2009q", "endpoints": [ { - "ipAddress": "216.58.195.238", - "serverName": "sfo03s06-in-f238.1e100.net", + "ipAddress": "216.58.194.206", + "serverName": "sfo03s01-in-f206.1e100.net", "statusMessage": "Ready", - "grade": "A", - "gradeTrustIgnored": "A", + "grade": "B", + "gradeTrustIgnored": "B", "hasWarnings": false, "isExceptional": false, "progress": 100, - "duration": 94808, + "duration": 107078, "eta": 1, "delegation": 1, "details": { - "hostStartTime": 1554368435610, + "hostStartTime": 1608111800657, "key": { "size": 256, "alg": "EC", @@ -37,11 +37,15 @@ "*.google.com", "*.android.com", "*.appengine.google.com", + "*.bdn.dev", "*.cloud.google.com", "*.crowdsource.google.com", + "*.datacompute.google.com", "*.g.co", "*.gcp.gvt2.com", + "*.gcpcdn.gvt1.com", "*.ggpht.cn", + "*.gkecnapps.cn", "*.google-analytics.com", "*.google.ca", "*.google.cl", @@ -76,6 +80,7 @@ "*.metric.gstatic.com", "*.urchin.com", "*.url.google.com", + "*.wear.gkecnapps.cn", "*.youtube-nocookie.com", "*.youtube.com", "*.youtubeeducation.com", @@ -88,6 +93,7 @@ "developers.android.google.cn", "g.co", "ggpht.cn", + "gkecnapps.cn", "goo.gl", "google-analytics.com", "google.com", @@ -102,37 +108,37 @@ "youtubekids.com", "yt.be" ], - "notBefore": 1551433437000, - "notAfter": 1558689900000, - "issuerSubject": "CN=Google Internet Authority G3, O=Google Trust Services, C=US", - "issuerLabel": "Google Internet Authority G3", + "notBefore": 1605018883000, + "notAfter": 1612276482000, + "issuerSubject": "CN=GTS CA 1O1, O=Google Trust Services, C=US", + "issuerLabel": "GTS CA 1O1", "sigAlg": "SHA256withRSA", "revocationInfo": 3, "crlURIs": [ - "http://crl.pki.goog/GTSGIAG3.crl" + "http://crl.pki.goog/GTS1O1core.crl" ], "ocspURIs": [ - "http://ocsp.pki.goog/GTSGIAG3" + "http://ocsp.pki.goog/gts1o1core" ], "revocationStatus": 2, "crlRevocationStatus": 2, "ocspRevocationStatus": 2, "sgc": 0, "issues": 0, - "sct": false, + "sct": true, "mustStaple": 0, - "sha1Hash": "f81e3171fa085bc04c83b6644b9f229f0cba8e57", - "pinSha256": "1T073i1JjmCuCjyUSt2gTRL4iGbrP3r8aeJjYFxn7F0=" + "sha1Hash": "e48943d96a40d534b9337ee5eda976d2201d2ebf", + "pinSha256": "U3xTWXJOd447ON2zOz9w35qNaPAJDpqlFO4Jt/443us=" }, "chain": { "certs": [ { "subject": "CN=*.google.com, O=Google LLC, L=Mountain View, ST=California, C=US", "label": "*.google.com", - "notBefore": 1551433437000, - "notAfter": 1558689900000, - "issuerSubject": "CN=Google Internet Authority G3, O=Google Trust Services, C=US", - "issuerLabel": "Google Internet Authority G3", + "notBefore": 1605018883000, + "notAfter": 1612276482000, + "issuerSubject": "CN=GTS CA 1O1, O=Google Trust Services, C=US", + "issuerLabel": "GTS CA 1O1", "sigAlg": "SHA256withRSA", "issues": 0, "keyAlg": "EC", @@ -141,13 +147,13 @@ "revocationStatus": 2, "crlRevocationStatus": 2, "ocspRevocationStatus": 2, - "sha1Hash": "f81e3171fa085bc04c83b6644b9f229f0cba8e57", - "pinSha256": "1T073i1JjmCuCjyUSt2gTRL4iGbrP3r8aeJjYFxn7F0=", - "raw": "-----BEGIN CERTIFICATE-----\nMIIIDTCCBvWgAwIBAgIQdCdvtO3S1SGVFWeeric83zANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQG\r\nEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMSUwIwYDVQQDExxHb29nbGUgSW50\r\nZXJuZXQgQXV0aG9yaXR5IEczMB4XDTE5MDMwMTA5NDM1N1oXDTE5MDUyNDA5MjUwMFowZjELMAkG\r\nA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxEzAR\r\nBgNVBAoMCkdvb2dsZSBMTEMxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTBZMBMGByqGSM49AgEGCCqG\r\nSM49AwEHA0IABDos6V7pCUxMZ2A8pDa+je+faVgctzvOrRwMQCXWKgsUymr7357AkjKx2PnN2NHf\r\nt7Ua/aqD/nKV7p4DdMEU9SWjggWSMIIFjjATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8BAf8E\r\nBAMCB4AwggRXBgNVHREEggROMIIESoIMKi5nb29nbGUuY29tgg0qLmFuZHJvaWQuY29tghYqLmFw\r\ncGVuZ2luZS5nb29nbGUuY29tghIqLmNsb3VkLmdvb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29v\r\nZ2xlLmNvbYIGKi5nLmNvgg4qLmdjcC5ndnQyLmNvbYIKKi5nZ3BodC5jboIWKi5nb29nbGUtYW5h\r\nbHl0aWNzLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNsgg4qLmdvb2dsZS5jby5pboIOKi5n\r\nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVrgg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNv\r\nbS5hdYIPKi5nb29nbGUuY29tLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIP\r\nKi5nb29nbGUuY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\r\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29nbGUubmyCCyou\r\nZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMuY29tgg8qLmdvb2dsZWFwaXMu\r\nY26CESouZ29vZ2xlY25hcHBzLmNughQqLmdvb2dsZWNvbW1lcmNlLmNvbYIRKi5nb29nbGV2aWRl\r\nby5jb22CDCouZ3N0YXRpYy5jboINKi5nc3RhdGljLmNvbYISKi5nc3RhdGljY25hcHBzLmNuggoq\r\nLmd2dDEuY29tggoqLmd2dDIuY29tghQqLm1ldHJpYy5nc3RhdGljLmNvbYIMKi51cmNoaW4uY29t\r\nghAqLnVybC5nb29nbGUuY29tghYqLnlvdXR1YmUtbm9jb29raWUuY29tgg0qLnlvdXR1YmUuY29t\r\nghYqLnlvdXR1YmVlZHVjYXRpb24uY29tghEqLnlvdXR1YmVraWRzLmNvbYIHKi55dC5iZYILKi55\r\ndGltZy5jb22CGmFuZHJvaWQuY2xpZW50cy5nb29nbGUuY29tggthbmRyb2lkLmNvbYIbZGV2ZWxv\r\ncGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZlbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNuggRnLmNv\r\ngghnZ3BodC5jboIGZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYIPZ29v\r\nZ2xlY25hcHBzLmNughJnb29nbGVjb21tZXJjZS5jb22CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5j\r\nboIKdXJjaGluLmNvbYIKd3d3Lmdvby5nbIIIeW91dHUuYmWCC3lvdXR1YmUuY29tghR5b3V0dWJl\r\nZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tggV5dC5iZTBoBggrBgEFBQcBAQRcMFowLQYI\r\nKwYBBQUHMAKGIWh0dHA6Ly9wa2kuZ29vZy9nc3IyL0dUU0dJQUczLmNydDApBggrBgEFBQcwAYYd\r\naHR0cDovL29jc3AucGtpLmdvb2cvR1RTR0lBRzMwHQYDVR0OBBYEFK0EWGE69tfHVmsgC1gJeREi\r\n92m2MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUd8K4UJpndnaxLcKG0IOgfqZ+ukswIQYDVR0g\r\nBBowGDAMBgorBgEEAdZ5AgUDMAgGBmeBDAECAjAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3Js\r\nLnBraS5nb29nL0dUU0dJQUczLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAiRzb/eu7AaK8KDzrumNr\r\niEbEhbWG5KH/ae54vRKJGLSBl9YT6bJ/u4IRNXSiigF6ZAfThvloPiMmYqxXB4BzclQBP5Deercs\r\njLRwos6QTPbKryU+SYfO/s0VtOYRCRISpG1gbPJLZPjaAw/P56khVTCVErjUXkSC5ReMIKuzfQ3V\r\n2HE8zsmioS0rFT39P6QujhcwMmOq0IeJnemwtxzqDvrN/ReqE7sdJq9Ze43vJDGvGZfUxJjHblWt\r\nsDNtqxMdMYZosRyo1YT6DZRjUDUEj3kr/z7oRjn96mRiC4AIebe5HCGHuBWxfXw2G/5PDD1Z0wdN\r\nQ4U04nzWE2bBl/VNlA==\r\n-----END CERTIFICATE-----\n" + "sha1Hash": "e48943d96a40d534b9337ee5eda976d2201d2ebf", + "pinSha256": "U3xTWXJOd447ON2zOz9w35qNaPAJDpqlFO4Jt/443us=", + "raw": "-----BEGIN CERTIFICATE-----\nMIIJcTCCCFmgAwIBAgIQbkMYuNeQFlwDAAAAALrbijANBgkqhkiG9w0BAQsFADBCMQswCQYDVQQG\r\nEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMRMwEQYDVQQDEwpHVFMgQ0EgMU8x\r\nMB4XDTIwMTExMDE0MzQ0M1oXDTIxMDIwMjE0MzQ0MlowZjELMAkGA1UEBhMCVVMxEzARBgNVBAgT\r\nCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBMTEMx\r\nFTATBgNVBAMMDCouZ29vZ2xlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFIhx27fGJ+R\r\n9kmype5uzK8Ka/rxmEk/J/QovXjqMP/TkMyS2fVTcIQ5gYCxxh6ottMx5iAB+9Q0Kg7qLsJAP/qj\r\nggcIMIIHBDAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIw\r\nADAdBgNVHQ4EFgQUhekgVwayZa1bqtk9uha5R6cvJHEwHwYDVR0jBBgwFoAUmNH4bhDrz5vsYJ8Y\r\nkBug630J/SswaAYIKwYBBQUHAQEEXDBaMCsGCCsGAQUFBzABhh9odHRwOi8vb2NzcC5wa2kuZ29v\r\nZy9ndHMxbzFjb3JlMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2cvZ3NyMi9HVFMxTzEuY3J0\r\nMIIEwgYDVR0RBIIEuTCCBLWCDCouZ29vZ2xlLmNvbYINKi5hbmRyb2lkLmNvbYIWKi5hcHBlbmdp\r\nbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdvb2dsZS5jb22CGCouY3Jvd2Rzb3Vy\r\nY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0ZS5nb29nbGUuY29tggYqLmcuY2+CDiouZ2NwLmd2\r\ndDIuY29tghEqLmdjcGNkbi5ndnQxLmNvbYIKKi5nZ3BodC5jboIOKi5na2VjbmFwcHMuY26CFiou\r\nZ29vZ2xlLWFuYWx5dGljcy5jb22CCyouZ29vZ2xlLmNhggsqLmdvb2dsZS5jbIIOKi5nb29nbGUu\r\nY28uaW6CDiouZ29vZ2xlLmNvLmpwgg4qLmdvb2dsZS5jby51a4IPKi5nb29nbGUuY29tLmFygg8q\r\nLmdvb2dsZS5jb20uYXWCDyouZ29vZ2xlLmNvbS5icoIPKi5nb29nbGUuY29tLmNvgg8qLmdvb2ds\r\nZS5jb20ubXiCDyouZ29vZ2xlLmNvbS50coIPKi5nb29nbGUuY29tLnZuggsqLmdvb2dsZS5kZYIL\r\nKi5nb29nbGUuZXOCCyouZ29vZ2xlLmZyggsqLmdvb2dsZS5odYILKi5nb29nbGUuaXSCCyouZ29v\r\nZ2xlLm5sggsqLmdvb2dsZS5wbIILKi5nb29nbGUucHSCEiouZ29vZ2xlYWRhcGlzLmNvbYIPKi5n\r\nb29nbGVhcGlzLmNughEqLmdvb2dsZWNuYXBwcy5jboIUKi5nb29nbGVjb21tZXJjZS5jb22CESou\r\nZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0aWMuY26CDSouZ3N0YXRpYy5jb22CEiouZ3N0YXRpY2Nu\r\nYXBwcy5jboIKKi5ndnQxLmNvbYIKKi5ndnQyLmNvbYIUKi5tZXRyaWMuZ3N0YXRpYy5jb22CDCou\r\ndXJjaGluLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYITKi53ZWFyLmdrZWNuYXBwcy5jboIWKi55b3V0\r\ndWJlLW5vY29va2llLmNvbYINKi55b3V0dWJlLmNvbYIWKi55b3V0dWJlZWR1Y2F0aW9uLmNvbYIR\r\nKi55b3V0dWJla2lkcy5jb22CByoueXQuYmWCCyoueXRpbWcuY29tghphbmRyb2lkLmNsaWVudHMu\r\nZ29vZ2xlLmNvbYILYW5kcm9pZC5jb22CG2RldmVsb3Blci5hbmRyb2lkLmdvb2dsZS5jboIcZGV2\r\nZWxvcGVycy5hbmRyb2lkLmdvb2dsZS5jboIEZy5jb4IIZ2dwaHQuY26CDGdrZWNuYXBwcy5jboIG\r\nZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYIPZ29vZ2xlY25hcHBzLmNu\r\nghJnb29nbGVjb21tZXJjZS5jb22CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jboIKdXJjaGluLmNv\r\nbYIKd3d3Lmdvby5nbIIIeW91dHUuYmWCC3lvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNv\r\nbYIPeW91dHViZWtpZHMuY29tggV5dC5iZTAhBgNVHSAEGjAYMAgGBmeBDAECAjAMBgorBgEEAdZ5\r\nAgUDMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwucGtpLmdvb2cvR1RTMU8xY29yZS5jcmww\r\nggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgD2XJQv0XcwIhRUGAgwlFaO400TGTO/3wwvIAvMTvFk\r\n4wAAAXWyy4p7AAAEAwBHMEUCIBaIfxadDwtOlUoYpiV6u+B0G04PZv17JeceTO7xYjEfAiEA/S0V\r\ntKdopPSFFmnqlBWlliDGsn27KFh1aR9YtoSz41IAdwBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/\r\n0zOWtbaBqAAAAXWyy4rUAAAEAwBIMEYCIQDWKWwFnf9CaLYGWYqvKNRlryN0m6eQxwTP8uM54yq6\r\n3gIhAMWeB6x3v7qm3B6PmUMQRlVZaDR3FOcaz2V7O/88tHtfMA0GCSqGSIb3DQEBCwUAA4IBAQCE\r\naoPOwtxgWQb8UJYtXQTuHxxQLF2mcPwAFHszxvOJNXdCplX1G+X+fkrA3cKXgv3CoQy5xs6eRzXR\r\nKoAAUtFmki++5dvgufiMYnSnyPe62x6bcUkowoGMFjLwCA91w7vqSZ2Gnd26YbfLcABonmAb/1Hy\r\nYOxD1l1wn0kOgRBsV3MLEuVoQ+eZ3yWG38WkwzPGtSvAV+6dzWbGu+XC3BT9XhwvQ5WwABMGxPZr\r\nAW4aqW0ArD1gzr1iSz4W0pBWtwYynme0SwfqTf7VJQYKpevuF4bQNOuMy+8E2kouClssLDQ3HOJZ\r\nKkyn3byIK0NCee1+DTNQX0hl6e/f6va5HaiJ\r\n-----END CERTIFICATE-----\n" }, { - "subject": "CN=Google Internet Authority G3, O=Google Trust Services, C=US", - "label": "Google Internet Authority G3", + "subject": "CN=GTS CA 1O1, O=Google Trust Services, C=US", + "label": "GTS CA 1O1", "notBefore": 1497484842000, "notAfter": 1639526442000, "issuerSubject": "CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2", @@ -160,9 +166,9 @@ "revocationStatus": 2, "crlRevocationStatus": 2, "ocspRevocationStatus": 2, - "sha1Hash": "eeacbd0cb452819577911e1e6203db262f84a318", - "pinSha256": "f8NnEFZxQ4ExFOhSN7EiFWtiudZQVD2oY60uauV/n78=", - "raw": "-----BEGIN CERTIFICATE-----\nMIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAwHgYDVQQLExdH\r\nbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xv\r\nYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEyMTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4w\r\nHAYDVQQKExVHb29nbGUgVHJ1c3QgU2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBB\r\ndXRob3JpdHkgRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIY\r\naNVWXQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK71G4nzKM\r\nfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9RUk2T0HNouB2VzxoMXlk\r\nyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1zouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX\r\n+r8snwU5C1hUrwaW6MWOARa8qBpNQcWTkaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXw\r\nfinu7ZYW97EfoOSQJeAzAgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI\r\nKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCaZ3Z2\r\nsS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYuMDUGCCsGAQUFBwEB\r\nBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdvb2cvZ3NyMjAyBgNVHR8EKzApMCeg\r\nJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dzcjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwB\r\nAgIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0B\r\nAQsFAAOCAQEAHLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\r\nux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPqwnb8Oa2I/maS\r\nJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbuFIwsIONGl1p3A8CgxkqI/UAi\r\nh3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW\r\n8NwsVz9SBK2Vqn1N0PIMn5xA6NZVc7o835DLAFshEWfC7TIe3g==\r\n-----END CERTIFICATE-----\n" + "sha1Hash": "dfe2070c79e7ff36a925ffa327ffe3deecf8f9c2", + "pinSha256": "YZPgTZ+woNCCCIW3LH2CxQeLzB/1m42QcCTBSdgayjs=", + "raw": "-----BEGIN CERTIFICATE-----\nMIIESjCCAzKgAwIBAgINAeO0mqGNiqmBJWlQuDANBgkqhkiG9w0BAQsFADBMMSAwHgYDVQQLExdH\r\nbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xv\r\nYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEyMTUwMDAwNDJaMEIxCzAJBgNVBAYTAlVTMR4w\r\nHAYDVQQKExVHb29nbGUgVHJ1c3QgU2VydmljZXMxEzARBgNVBAMTCkdUUyBDQSAxTzEwggEiMA0G\r\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQGM9F1IvN05zkQO9+tN1pIRvJzzyOTHW5DzEZhD2e\r\nPCnvUA0Qk28FgICfKqC9EksC4T2fWBYk/jCfC3R3VZMdS/dN4ZKCEPZRrAzDsiKUDzRrmBBJ5wud\r\ngzndIMYcLe/RGGFl5yODIKgjEv/SJH/UL+dEaltN11BmsK+eQmMF++AcxGNhr59qM/9il71I2dN8\r\nFGfcddwuaej4bXhp0LcQBbjxMcI7JP0aM3T4I+DsaxmKFsbjzaTNC9uzpFlgOIg7rR25xoynUxv8\r\nvNmkq7zdPGHXkxWY7oG9j+JkRyBABk7XrJfoucBZEqFJJSPk7XA0LKW0Y3z5oz2D0c1tJKwHAgMB\r\nAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\r\nMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJjR+G4Q68+b7GCfGJAboOt9Cf0rMB8GA1Ud\r\nIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYuMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZ\r\naHR0cDovL29jc3AucGtpLmdvb2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBr\r\naS5nb29nL2dzcjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\r\naHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAGoA+Nnn78y6p\r\nRjd9XlQWNa7HTgiZ/r3RNGkmUmYHPQq6Scti9PEajvwRT2iWTHQr02fesqOqBY2ETUwgZQ+lltoN\r\nFvhsO9tvBCOIazpswWC9aJ9xju4tWDQH8NVU6YZZ/XteDSGU9YzJqPjY8q3MDxrzmqepBCf5o8mw\r\n/wJ4a2G6xzUr6Fb6T8McDO22PLRL6u3M4Tzs3A2M1j6bykJYi8wWIRdAvKLWZu/axBVbzYmqmwkm\r\n5zLSDW5nIAJbELCQCZwMH56t2Dvqofxs6BBcCFIZUSpxu6x6td0V7SvJCCosirSmIatj/9dSSVDQ\r\nibet8q/7UK4v4ZUN80atnZz1yg==\r\n-----END CERTIFICATE-----\n" } ], "issues": 0 @@ -437,7 +443,7 @@ }, { "client": { - "id": 139, + "id": 167, "name": "Android", "version": "7.0", "isReference": false @@ -448,6 +454,45 @@ "suiteId": 52393, "kxInfo": "ECDH x25519" }, + { + "client": { + "id": 168, + "name": "Android", + "version": "8.0", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 52393, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 157, + "name": "Android", + "version": "8.1", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4867, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 158, + "name": "Android", + "version": "9.0", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4867, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 94, @@ -516,6 +561,20 @@ "suiteId": 4865, "kxInfo": "ECDH x25519" }, + { + "client": { + "id": 170, + "name": "Chrome", + "platform": "Win 10", + "version": "80", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4865, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 84, @@ -572,6 +631,20 @@ "suiteId": 49195, "kxInfo": "ECDH x25519" }, + { + "client": { + "id": 171, + "name": "Firefox", + "platform": "Win 10", + "version": "73", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4865, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 145, @@ -735,6 +808,34 @@ "suiteId": 49195, "kxInfo": "ECDH x25519" }, + { + "client": { + "id": 159, + "name": "Edge", + "platform": "Win 10", + "version": "16", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49195, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 160, + "name": "Edge", + "platform": "Win 10", + "version": "18", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49195, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 120, @@ -787,6 +888,32 @@ "suiteId": 49195, "kxInfo": "ECDH secp256r1" }, + { + "client": { + "id": 162, + "name": "Java", + "version": "11.0.3", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4865, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 163, + "name": "Java", + "version": "12.0.1", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4865, + "kxInfo": "ECDH secp256r1" + }, { "client": { "id": 27, @@ -814,17 +941,43 @@ }, { "client": { - "id": 121, + "id": 164, "name": "OpenSSL", - "version": "1.0.2e", + "version": "1.0.2s", "isReference": true }, "errorCode": 0, "attempts": 1, "protocolId": 771, - "suiteId": 49195, + "suiteId": 49199, "kxInfo": "ECDH secp256r1" }, + { + "client": { + "id": 169, + "name": "OpenSSL", + "version": "1.1.0k", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 52393, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 165, + "name": "OpenSSL", + "version": "1.1.1c", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 32, @@ -979,6 +1132,34 @@ "suiteId": 49195, "kxInfo": "ECDH secp256r1" }, + { + "client": { + "id": 161, + "name": "Safari", + "platform": "MacOS 10.14.6 Beta", + "version": "12.1.2", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4867, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 166, + "name": "Safari", + "platform": "iOS 12.3.1", + "version": "12.1.1", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4867, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 112, @@ -1029,7 +1210,7 @@ "poodleTls": 1, "fallbackScsv": true, "freak": false, - "hasSct": 4, + "hasSct": 1, "logjam": false, "chaCha20Preference": true, "hstsPolicy": { @@ -1042,25 +1223,25 @@ "source": "Chrome", "hostname": "google.com", "status": "absent", - "sourceTime": 1554367441126 + "sourceTime": 1608109802581 }, { "source": "Edge", "hostname": "google.com", "status": "absent", - "sourceTime": 1554367442684 + "sourceTime": 1608111661651 }, { "source": "Firefox", "hostname": "google.com", "status": "absent", - "sourceTime": 1554367442684 + "sourceTime": 1608111661651 }, { "source": "IE", "hostname": "google.com", "status": "absent", - "sourceTime": 1554367442684 + "sourceTime": 1608111661651 } ], "hpkpPolicy": { @@ -1081,19 +1262,19 @@ } }, { - "ipAddress": "2607:f8b0:4005:806:0:0:0:200e", - "serverName": "sfo03s06-in-x0e.1e100.net", + "ipAddress": "2607:f8b0:4005:805:0:0:0:200e", + "serverName": "sfo03s01-in-x0e.1e100.net", "statusMessage": "Ready", - "grade": "A", - "gradeTrustIgnored": "A", + "grade": "B", + "gradeTrustIgnored": "B", "hasWarnings": false, "isExceptional": false, "progress": 100, - "duration": 84948, + "duration": 109225, "eta": 0, "delegation": 1, "details": { - "hostStartTime": 1554368435610, + "hostStartTime": 1608111800657, "key": { "size": 256, "alg": "EC", @@ -1108,11 +1289,15 @@ "*.google.com", "*.android.com", "*.appengine.google.com", + "*.bdn.dev", "*.cloud.google.com", "*.crowdsource.google.com", + "*.datacompute.google.com", "*.g.co", "*.gcp.gvt2.com", + "*.gcpcdn.gvt1.com", "*.ggpht.cn", + "*.gkecnapps.cn", "*.google-analytics.com", "*.google.ca", "*.google.cl", @@ -1147,6 +1332,7 @@ "*.metric.gstatic.com", "*.urchin.com", "*.url.google.com", + "*.wear.gkecnapps.cn", "*.youtube-nocookie.com", "*.youtube.com", "*.youtubeeducation.com", @@ -1159,6 +1345,7 @@ "developers.android.google.cn", "g.co", "ggpht.cn", + "gkecnapps.cn", "goo.gl", "google-analytics.com", "google.com", @@ -1173,37 +1360,37 @@ "youtubekids.com", "yt.be" ], - "notBefore": 1551433437000, - "notAfter": 1558689900000, - "issuerSubject": "CN=Google Internet Authority G3, O=Google Trust Services, C=US", - "issuerLabel": "Google Internet Authority G3", + "notBefore": 1605018883000, + "notAfter": 1612276482000, + "issuerSubject": "CN=GTS CA 1O1, O=Google Trust Services, C=US", + "issuerLabel": "GTS CA 1O1", "sigAlg": "SHA256withRSA", "revocationInfo": 3, "crlURIs": [ - "http://crl.pki.goog/GTSGIAG3.crl" + "http://crl.pki.goog/GTS1O1core.crl" ], "ocspURIs": [ - "http://ocsp.pki.goog/GTSGIAG3" + "http://ocsp.pki.goog/gts1o1core" ], "revocationStatus": 2, "crlRevocationStatus": 2, "ocspRevocationStatus": 2, "sgc": 0, "issues": 0, - "sct": false, + "sct": true, "mustStaple": 0, - "sha1Hash": "f81e3171fa085bc04c83b6644b9f229f0cba8e57", - "pinSha256": "1T073i1JjmCuCjyUSt2gTRL4iGbrP3r8aeJjYFxn7F0=" + "sha1Hash": "e48943d96a40d534b9337ee5eda976d2201d2ebf", + "pinSha256": "U3xTWXJOd447ON2zOz9w35qNaPAJDpqlFO4Jt/443us=" }, "chain": { "certs": [ { "subject": "CN=*.google.com, O=Google LLC, L=Mountain View, ST=California, C=US", "label": "*.google.com", - "notBefore": 1551433437000, - "notAfter": 1558689900000, - "issuerSubject": "CN=Google Internet Authority G3, O=Google Trust Services, C=US", - "issuerLabel": "Google Internet Authority G3", + "notBefore": 1605018883000, + "notAfter": 1612276482000, + "issuerSubject": "CN=GTS CA 1O1, O=Google Trust Services, C=US", + "issuerLabel": "GTS CA 1O1", "sigAlg": "SHA256withRSA", "issues": 0, "keyAlg": "EC", @@ -1212,13 +1399,13 @@ "revocationStatus": 2, "crlRevocationStatus": 2, "ocspRevocationStatus": 2, - "sha1Hash": "f81e3171fa085bc04c83b6644b9f229f0cba8e57", - "pinSha256": "1T073i1JjmCuCjyUSt2gTRL4iGbrP3r8aeJjYFxn7F0=", - "raw": "-----BEGIN CERTIFICATE-----\nMIIIDTCCBvWgAwIBAgIQdCdvtO3S1SGVFWeeric83zANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQG\r\nEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMSUwIwYDVQQDExxHb29nbGUgSW50\r\nZXJuZXQgQXV0aG9yaXR5IEczMB4XDTE5MDMwMTA5NDM1N1oXDTE5MDUyNDA5MjUwMFowZjELMAkG\r\nA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxEzAR\r\nBgNVBAoMCkdvb2dsZSBMTEMxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTBZMBMGByqGSM49AgEGCCqG\r\nSM49AwEHA0IABDos6V7pCUxMZ2A8pDa+je+faVgctzvOrRwMQCXWKgsUymr7357AkjKx2PnN2NHf\r\nt7Ua/aqD/nKV7p4DdMEU9SWjggWSMIIFjjATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8BAf8E\r\nBAMCB4AwggRXBgNVHREEggROMIIESoIMKi5nb29nbGUuY29tgg0qLmFuZHJvaWQuY29tghYqLmFw\r\ncGVuZ2luZS5nb29nbGUuY29tghIqLmNsb3VkLmdvb2dsZS5jb22CGCouY3Jvd2Rzb3VyY2UuZ29v\r\nZ2xlLmNvbYIGKi5nLmNvgg4qLmdjcC5ndnQyLmNvbYIKKi5nZ3BodC5jboIWKi5nb29nbGUtYW5h\r\nbHl0aWNzLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNsgg4qLmdvb2dsZS5jby5pboIOKi5n\r\nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVrgg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNv\r\nbS5hdYIPKi5nb29nbGUuY29tLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIP\r\nKi5nb29nbGUuY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5l\r\nc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29nbGUubmyCCyou\r\nZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMuY29tgg8qLmdvb2dsZWFwaXMu\r\nY26CESouZ29vZ2xlY25hcHBzLmNughQqLmdvb2dsZWNvbW1lcmNlLmNvbYIRKi5nb29nbGV2aWRl\r\nby5jb22CDCouZ3N0YXRpYy5jboINKi5nc3RhdGljLmNvbYISKi5nc3RhdGljY25hcHBzLmNuggoq\r\nLmd2dDEuY29tggoqLmd2dDIuY29tghQqLm1ldHJpYy5nc3RhdGljLmNvbYIMKi51cmNoaW4uY29t\r\nghAqLnVybC5nb29nbGUuY29tghYqLnlvdXR1YmUtbm9jb29raWUuY29tgg0qLnlvdXR1YmUuY29t\r\nghYqLnlvdXR1YmVlZHVjYXRpb24uY29tghEqLnlvdXR1YmVraWRzLmNvbYIHKi55dC5iZYILKi55\r\ndGltZy5jb22CGmFuZHJvaWQuY2xpZW50cy5nb29nbGUuY29tggthbmRyb2lkLmNvbYIbZGV2ZWxv\r\ncGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZlbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNuggRnLmNv\r\ngghnZ3BodC5jboIGZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYIPZ29v\r\nZ2xlY25hcHBzLmNughJnb29nbGVjb21tZXJjZS5jb22CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5j\r\nboIKdXJjaGluLmNvbYIKd3d3Lmdvby5nbIIIeW91dHUuYmWCC3lvdXR1YmUuY29tghR5b3V0dWJl\r\nZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tggV5dC5iZTBoBggrBgEFBQcBAQRcMFowLQYI\r\nKwYBBQUHMAKGIWh0dHA6Ly9wa2kuZ29vZy9nc3IyL0dUU0dJQUczLmNydDApBggrBgEFBQcwAYYd\r\naHR0cDovL29jc3AucGtpLmdvb2cvR1RTR0lBRzMwHQYDVR0OBBYEFK0EWGE69tfHVmsgC1gJeREi\r\n92m2MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUd8K4UJpndnaxLcKG0IOgfqZ+ukswIQYDVR0g\r\nBBowGDAMBgorBgEEAdZ5AgUDMAgGBmeBDAECAjAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3Js\r\nLnBraS5nb29nL0dUU0dJQUczLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAiRzb/eu7AaK8KDzrumNr\r\niEbEhbWG5KH/ae54vRKJGLSBl9YT6bJ/u4IRNXSiigF6ZAfThvloPiMmYqxXB4BzclQBP5Deercs\r\njLRwos6QTPbKryU+SYfO/s0VtOYRCRISpG1gbPJLZPjaAw/P56khVTCVErjUXkSC5ReMIKuzfQ3V\r\n2HE8zsmioS0rFT39P6QujhcwMmOq0IeJnemwtxzqDvrN/ReqE7sdJq9Ze43vJDGvGZfUxJjHblWt\r\nsDNtqxMdMYZosRyo1YT6DZRjUDUEj3kr/z7oRjn96mRiC4AIebe5HCGHuBWxfXw2G/5PDD1Z0wdN\r\nQ4U04nzWE2bBl/VNlA==\r\n-----END CERTIFICATE-----\n" + "sha1Hash": "e48943d96a40d534b9337ee5eda976d2201d2ebf", + "pinSha256": "U3xTWXJOd447ON2zOz9w35qNaPAJDpqlFO4Jt/443us=", + "raw": "-----BEGIN CERTIFICATE-----\nMIIJcTCCCFmgAwIBAgIQbkMYuNeQFlwDAAAAALrbijANBgkqhkiG9w0BAQsFADBCMQswCQYDVQQG\r\nEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMRMwEQYDVQQDEwpHVFMgQ0EgMU8x\r\nMB4XDTIwMTExMDE0MzQ0M1oXDTIxMDIwMjE0MzQ0MlowZjELMAkGA1UEBhMCVVMxEzARBgNVBAgT\r\nCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBMTEMx\r\nFTATBgNVBAMMDCouZ29vZ2xlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFIhx27fGJ+R\r\n9kmype5uzK8Ka/rxmEk/J/QovXjqMP/TkMyS2fVTcIQ5gYCxxh6ottMx5iAB+9Q0Kg7qLsJAP/qj\r\nggcIMIIHBDAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIw\r\nADAdBgNVHQ4EFgQUhekgVwayZa1bqtk9uha5R6cvJHEwHwYDVR0jBBgwFoAUmNH4bhDrz5vsYJ8Y\r\nkBug630J/SswaAYIKwYBBQUHAQEEXDBaMCsGCCsGAQUFBzABhh9odHRwOi8vb2NzcC5wa2kuZ29v\r\nZy9ndHMxbzFjb3JlMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2cvZ3NyMi9HVFMxTzEuY3J0\r\nMIIEwgYDVR0RBIIEuTCCBLWCDCouZ29vZ2xlLmNvbYINKi5hbmRyb2lkLmNvbYIWKi5hcHBlbmdp\r\nbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghIqLmNsb3VkLmdvb2dsZS5jb22CGCouY3Jvd2Rzb3Vy\r\nY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0ZS5nb29nbGUuY29tggYqLmcuY2+CDiouZ2NwLmd2\r\ndDIuY29tghEqLmdjcGNkbi5ndnQxLmNvbYIKKi5nZ3BodC5jboIOKi5na2VjbmFwcHMuY26CFiou\r\nZ29vZ2xlLWFuYWx5dGljcy5jb22CCyouZ29vZ2xlLmNhggsqLmdvb2dsZS5jbIIOKi5nb29nbGUu\r\nY28uaW6CDiouZ29vZ2xlLmNvLmpwgg4qLmdvb2dsZS5jby51a4IPKi5nb29nbGUuY29tLmFygg8q\r\nLmdvb2dsZS5jb20uYXWCDyouZ29vZ2xlLmNvbS5icoIPKi5nb29nbGUuY29tLmNvgg8qLmdvb2ds\r\nZS5jb20ubXiCDyouZ29vZ2xlLmNvbS50coIPKi5nb29nbGUuY29tLnZuggsqLmdvb2dsZS5kZYIL\r\nKi5nb29nbGUuZXOCCyouZ29vZ2xlLmZyggsqLmdvb2dsZS5odYILKi5nb29nbGUuaXSCCyouZ29v\r\nZ2xlLm5sggsqLmdvb2dsZS5wbIILKi5nb29nbGUucHSCEiouZ29vZ2xlYWRhcGlzLmNvbYIPKi5n\r\nb29nbGVhcGlzLmNughEqLmdvb2dsZWNuYXBwcy5jboIUKi5nb29nbGVjb21tZXJjZS5jb22CESou\r\nZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0aWMuY26CDSouZ3N0YXRpYy5jb22CEiouZ3N0YXRpY2Nu\r\nYXBwcy5jboIKKi5ndnQxLmNvbYIKKi5ndnQyLmNvbYIUKi5tZXRyaWMuZ3N0YXRpYy5jb22CDCou\r\ndXJjaGluLmNvbYIQKi51cmwuZ29vZ2xlLmNvbYITKi53ZWFyLmdrZWNuYXBwcy5jboIWKi55b3V0\r\ndWJlLW5vY29va2llLmNvbYINKi55b3V0dWJlLmNvbYIWKi55b3V0dWJlZWR1Y2F0aW9uLmNvbYIR\r\nKi55b3V0dWJla2lkcy5jb22CByoueXQuYmWCCyoueXRpbWcuY29tghphbmRyb2lkLmNsaWVudHMu\r\nZ29vZ2xlLmNvbYILYW5kcm9pZC5jb22CG2RldmVsb3Blci5hbmRyb2lkLmdvb2dsZS5jboIcZGV2\r\nZWxvcGVycy5hbmRyb2lkLmdvb2dsZS5jboIEZy5jb4IIZ2dwaHQuY26CDGdrZWNuYXBwcy5jboIG\r\nZ29vLmdsghRnb29nbGUtYW5hbHl0aWNzLmNvbYIKZ29vZ2xlLmNvbYIPZ29vZ2xlY25hcHBzLmNu\r\nghJnb29nbGVjb21tZXJjZS5jb22CGHNvdXJjZS5hbmRyb2lkLmdvb2dsZS5jboIKdXJjaGluLmNv\r\nbYIKd3d3Lmdvby5nbIIIeW91dHUuYmWCC3lvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNv\r\nbYIPeW91dHViZWtpZHMuY29tggV5dC5iZTAhBgNVHSAEGjAYMAgGBmeBDAECAjAMBgorBgEEAdZ5\r\nAgUDMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwucGtpLmdvb2cvR1RTMU8xY29yZS5jcmww\r\nggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgD2XJQv0XcwIhRUGAgwlFaO400TGTO/3wwvIAvMTvFk\r\n4wAAAXWyy4p7AAAEAwBHMEUCIBaIfxadDwtOlUoYpiV6u+B0G04PZv17JeceTO7xYjEfAiEA/S0V\r\ntKdopPSFFmnqlBWlliDGsn27KFh1aR9YtoSz41IAdwBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/\r\n0zOWtbaBqAAAAXWyy4rUAAAEAwBIMEYCIQDWKWwFnf9CaLYGWYqvKNRlryN0m6eQxwTP8uM54yq6\r\n3gIhAMWeB6x3v7qm3B6PmUMQRlVZaDR3FOcaz2V7O/88tHtfMA0GCSqGSIb3DQEBCwUAA4IBAQCE\r\naoPOwtxgWQb8UJYtXQTuHxxQLF2mcPwAFHszxvOJNXdCplX1G+X+fkrA3cKXgv3CoQy5xs6eRzXR\r\nKoAAUtFmki++5dvgufiMYnSnyPe62x6bcUkowoGMFjLwCA91w7vqSZ2Gnd26YbfLcABonmAb/1Hy\r\nYOxD1l1wn0kOgRBsV3MLEuVoQ+eZ3yWG38WkwzPGtSvAV+6dzWbGu+XC3BT9XhwvQ5WwABMGxPZr\r\nAW4aqW0ArD1gzr1iSz4W0pBWtwYynme0SwfqTf7VJQYKpevuF4bQNOuMy+8E2kouClssLDQ3HOJZ\r\nKkyn3byIK0NCee1+DTNQX0hl6e/f6va5HaiJ\r\n-----END CERTIFICATE-----\n" }, { - "subject": "CN=Google Internet Authority G3, O=Google Trust Services, C=US", - "label": "Google Internet Authority G3", + "subject": "CN=GTS CA 1O1, O=Google Trust Services, C=US", + "label": "GTS CA 1O1", "notBefore": 1497484842000, "notAfter": 1639526442000, "issuerSubject": "CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2", @@ -1231,9 +1418,9 @@ "revocationStatus": 2, "crlRevocationStatus": 2, "ocspRevocationStatus": 2, - "sha1Hash": "eeacbd0cb452819577911e1e6203db262f84a318", - "pinSha256": "f8NnEFZxQ4ExFOhSN7EiFWtiudZQVD2oY60uauV/n78=", - "raw": "-----BEGIN CERTIFICATE-----\nMIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAwHgYDVQQLExdH\r\nbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xv\r\nYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEyMTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4w\r\nHAYDVQQKExVHb29nbGUgVHJ1c3QgU2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBB\r\ndXRob3JpdHkgRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIY\r\naNVWXQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK71G4nzKM\r\nfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9RUk2T0HNouB2VzxoMXlk\r\nyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1zouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX\r\n+r8snwU5C1hUrwaW6MWOARa8qBpNQcWTkaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXw\r\nfinu7ZYW97EfoOSQJeAzAgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI\r\nKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCaZ3Z2\r\nsS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYuMDUGCCsGAQUFBwEB\r\nBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdvb2cvZ3NyMjAyBgNVHR8EKzApMCeg\r\nJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dzcjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwB\r\nAgIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0B\r\nAQsFAAOCAQEAHLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\r\nux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPqwnb8Oa2I/maS\r\nJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbuFIwsIONGl1p3A8CgxkqI/UAi\r\nh3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW\r\n8NwsVz9SBK2Vqn1N0PIMn5xA6NZVc7o835DLAFshEWfC7TIe3g==\r\n-----END CERTIFICATE-----\n" + "sha1Hash": "dfe2070c79e7ff36a925ffa327ffe3deecf8f9c2", + "pinSha256": "YZPgTZ+woNCCCIW3LH2CxQeLzB/1m42QcCTBSdgayjs=", + "raw": "-----BEGIN CERTIFICATE-----\nMIIESjCCAzKgAwIBAgINAeO0mqGNiqmBJWlQuDANBgkqhkiG9w0BAQsFADBMMSAwHgYDVQQLExdH\r\nbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xv\r\nYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEyMTUwMDAwNDJaMEIxCzAJBgNVBAYTAlVTMR4w\r\nHAYDVQQKExVHb29nbGUgVHJ1c3QgU2VydmljZXMxEzARBgNVBAMTCkdUUyBDQSAxTzEwggEiMA0G\r\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQGM9F1IvN05zkQO9+tN1pIRvJzzyOTHW5DzEZhD2e\r\nPCnvUA0Qk28FgICfKqC9EksC4T2fWBYk/jCfC3R3VZMdS/dN4ZKCEPZRrAzDsiKUDzRrmBBJ5wud\r\ngzndIMYcLe/RGGFl5yODIKgjEv/SJH/UL+dEaltN11BmsK+eQmMF++AcxGNhr59qM/9il71I2dN8\r\nFGfcddwuaej4bXhp0LcQBbjxMcI7JP0aM3T4I+DsaxmKFsbjzaTNC9uzpFlgOIg7rR25xoynUxv8\r\nvNmkq7zdPGHXkxWY7oG9j+JkRyBABk7XrJfoucBZEqFJJSPk7XA0LKW0Y3z5oz2D0c1tJKwHAgMB\r\nAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\r\nMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJjR+G4Q68+b7GCfGJAboOt9Cf0rMB8GA1Ud\r\nIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYuMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZ\r\naHR0cDovL29jc3AucGtpLmdvb2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBr\r\naS5nb29nL2dzcjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\r\naHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAGoA+Nnn78y6p\r\nRjd9XlQWNa7HTgiZ/r3RNGkmUmYHPQq6Scti9PEajvwRT2iWTHQr02fesqOqBY2ETUwgZQ+lltoN\r\nFvhsO9tvBCOIazpswWC9aJ9xju4tWDQH8NVU6YZZ/XteDSGU9YzJqPjY8q3MDxrzmqepBCf5o8mw\r\n/wJ4a2G6xzUr6Fb6T8McDO22PLRL6u3M4Tzs3A2M1j6bykJYi8wWIRdAvKLWZu/axBVbzYmqmwkm\r\n5zLSDW5nIAJbELCQCZwMH56t2Dvqofxs6BBcCFIZUSpxu6x6td0V7SvJCCosirSmIatj/9dSSVDQ\r\nibet8q/7UK4v4ZUN80atnZz1yg==\r\n-----END CERTIFICATE-----\n" } ], "issues": 0 @@ -1508,7 +1695,7 @@ }, { "client": { - "id": 139, + "id": 167, "name": "Android", "version": "7.0", "isReference": false @@ -1519,6 +1706,45 @@ "suiteId": 52393, "kxInfo": "ECDH x25519" }, + { + "client": { + "id": 168, + "name": "Android", + "version": "8.0", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 52393, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 157, + "name": "Android", + "version": "8.1", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4867, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 158, + "name": "Android", + "version": "9.0", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4867, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 94, @@ -1587,6 +1813,20 @@ "suiteId": 4865, "kxInfo": "ECDH x25519" }, + { + "client": { + "id": 170, + "name": "Chrome", + "platform": "Win 10", + "version": "80", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4865, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 84, @@ -1643,6 +1883,20 @@ "suiteId": 49195, "kxInfo": "ECDH x25519" }, + { + "client": { + "id": 171, + "name": "Firefox", + "platform": "Win 10", + "version": "73", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4865, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 145, @@ -1806,6 +2060,34 @@ "suiteId": 49195, "kxInfo": "ECDH x25519" }, + { + "client": { + "id": 159, + "name": "Edge", + "platform": "Win 10", + "version": "16", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49195, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 160, + "name": "Edge", + "platform": "Win 10", + "version": "18", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 49195, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 120, @@ -1858,6 +2140,32 @@ "suiteId": 49195, "kxInfo": "ECDH secp256r1" }, + { + "client": { + "id": 162, + "name": "Java", + "version": "11.0.3", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4865, + "kxInfo": "ECDH secp256r1" + }, + { + "client": { + "id": 163, + "name": "Java", + "version": "12.0.1", + "isReference": false + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4865, + "kxInfo": "ECDH secp256r1" + }, { "client": { "id": 27, @@ -1885,17 +2193,43 @@ }, { "client": { - "id": 121, + "id": 164, "name": "OpenSSL", - "version": "1.0.2e", + "version": "1.0.2s", "isReference": true }, "errorCode": 0, "attempts": 1, "protocolId": 771, - "suiteId": 49195, + "suiteId": 49199, "kxInfo": "ECDH secp256r1" }, + { + "client": { + "id": 169, + "name": "OpenSSL", + "version": "1.1.0k", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 771, + "suiteId": 52393, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 165, + "name": "OpenSSL", + "version": "1.1.1c", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4866, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 32, @@ -2050,6 +2384,34 @@ "suiteId": 49195, "kxInfo": "ECDH secp256r1" }, + { + "client": { + "id": 161, + "name": "Safari", + "platform": "MacOS 10.14.6 Beta", + "version": "12.1.2", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4867, + "kxInfo": "ECDH x25519" + }, + { + "client": { + "id": 166, + "name": "Safari", + "platform": "iOS 12.3.1", + "version": "12.1.1", + "isReference": true + }, + "errorCode": 0, + "attempts": 1, + "protocolId": 772, + "suiteId": 4867, + "kxInfo": "ECDH x25519" + }, { "client": { "id": 112, @@ -2100,7 +2462,7 @@ "poodleTls": 1, "fallbackScsv": true, "freak": false, - "hasSct": 4, + "hasSct": 1, "logjam": false, "chaCha20Preference": true, "hstsPolicy": { @@ -2113,25 +2475,25 @@ "source": "Chrome", "hostname": "google.com", "status": "absent", - "sourceTime": 1554367441126 + "sourceTime": 1608109802581 }, { "source": "Edge", "hostname": "google.com", "status": "absent", - "sourceTime": 1554367442684 + "sourceTime": 1608111661651 }, { "source": "Firefox", "hostname": "google.com", "status": "absent", - "sourceTime": 1554367442684 + "sourceTime": 1608111661651 }, { "source": "IE", "hostname": "google.com", "status": "absent", - "sourceTime": 1554367442684 + "sourceTime": 1608111661651 } ], "hpkpPolicy": { diff --git a/sample/styles.css b/sample/styles.css index 51069a8..aa586d0 100644 --- a/sample/styles.css +++ b/sample/styles.css @@ -41,4 +41,4 @@ body { border-style:solid; border-width:1px; padding:8px; -} +} \ No newline at end of file diff --git a/sample/summary.csv b/sample/summary.csv index ea7a2a7..7cdb675 100644 --- a/sample/summary.csv +++ b/sample/summary.csv @@ -1,3 +1,4 @@ -#Host,Grade,HasWarnings,Cert Expiry,Chain Status,Forward Secrecy,Heartbeat ext,Vuln Beast,Vuln Drown,Vuln Heartbleed,Vuln FREAK,Vuln openSsl Ccs,Vuln openSSL LuckyMinus20,Vuln POODLE,Vuln POODLE TLS,TLS 1.3,TLS 1.2,TLS 1.1,TLS 1.0,SSL 3.0 INSECURE,SSL 2.0 INSECURE -google.com,A,False,2019-05-24,none,With modern browsers,False,True,False,False,False,False,False,False,False,No,Yes,Yes,Yes,No,No -google.com,A,False,2019-05-24,none,With modern browsers,False,True,False,False,False,False,False,False,False,No,Yes,Yes,Yes,No,No +#Host,Grade,HasWarnings,Cert Expiry,Chain Status,Forward Secrecy,Heartbeat ext,Vuln Beast,Vuln Drown,Vuln Heartbleed,Vuln FREAK,Vuln openSsl Ccs,Vuln openSSL LuckyMinus20,Vuln POODLE,Vuln POODLE TLS,Support RC4,RC4 with modern protocols,RC4 Only,TLS 1.3,TLS 1.2,TLS 1.1,TLS 1.0,SSL 3.0 INSECURE,SSL 2.0 INSECURE +duckduckgo.com,A+,False,2021-11-10,none,Yes (with most browsers) ROBUST,False,False,False,False,False,False,False,False,False,False,False,False,No,Yes,No,No,No,No +google.com,B,False,2021-02-02,none,With modern browsers,False,True,False,False,False,False,False,False,False,False,False,False,No,Yes,Yes,Yes,No,No +google.com,B,False,2021-02-02,none,With modern browsers,False,True,False,False,False,False,False,False,False,False,False,False,No,Yes,Yes,Yes,No,No diff --git a/sample/summary.html b/sample/summary.html index 7f7406b..6557def 100644 --- a/sample/summary.html +++ b/sample/summary.html @@ -9,7 +9,7 @@

SSL Labs Analysis Summary Report

- +
#HostGradeHasWarningsCert ExpiryChain StatusForward SecrecyHeartbeat extVuln BeastVuln DrownVuln HeartbleedVuln FREAKVuln openSsl CcsVuln openSSL LuckyMinus20Vuln POODLEVuln POODLE TLSTLS 1.3TLS 1.2TLS 1.1TLS 1.0SSL 3.0 INSECURESSL 2.0 INSECURE
google.comAFalse2019-05-24noneWith modern browsersFalseTrueFalseFalseFalseFalseFalseFalseFalseNoYesYesYesNoNo
google.comAFalse2019-05-24noneWith modern browsersFalseTrueFalseFalseFalseFalseFalseFalseFalseNoYesYesYesNoNo
#HostGradeHasWarningsCert ExpiryChain StatusForward SecrecyHeartbeat extVuln BeastVuln DrownVuln HeartbleedVuln FREAKVuln openSsl CcsVuln openSSL LuckyMinus20Vuln POODLEVuln POODLE TLSSupport RC4RC4 with modern protocolsRC4 OnlyTLS 1.3TLS 1.2TLS 1.1TLS 1.0SSL 3.0 INSECURESSL 2.0 INSECURE
duckduckgo.comA+False2021-11-10noneYes (with most browsers) ROBUSTFalseFalseFalseFalseFalseFalseFalseFalseFalseFalseFalseFalseNoYesNoNoNoNo
google.comBFalse2021-02-02noneWith modern browsersFalseTrueFalseFalseFalseFalseFalseFalseFalseFalseFalseFalseNoYesYesYesNoNo
google.comBFalse2021-02-02noneWith modern browsersFalseTrueFalseFalseFalseFalseFalseFalseFalseFalseFalseFalseNoYesYesYesNoNo
diff --git a/setup.py b/setup.py index 2f2e4b7..ff309b5 100644 --- a/setup.py +++ b/setup.py @@ -1,7 +1,7 @@ from setuptools import setup, find_packages __title__ = "ssllabsscan" -__version__ = "1.0.1" +__version__ = "1.1.0" __author__ = "Kay Hau" __email__ = "virtualda@gmail.com" __uri__ = "https://github.com/kyhau/ssllabs-scan" diff --git a/ssllabsscan/main.py b/ssllabsscan/main.py index 11ec3f1..792d912 100644 --- a/ssllabsscan/main.py +++ b/ssllabsscan/main.py @@ -1,5 +1,5 @@ """ -App"s main +App's main """ import csv import os @@ -8,8 +8,7 @@ import traceback from ssllabsscan.report_template import REPORT_HTML -from ssllabsscan.ssllabs_client import SSLLabsClient, SUMMARY_COL_NAMES - +from ssllabsscan.ssllabs_client import SUMMARY_COL_NAMES, SSLLabsClient SUMMARY_CSV = "summary.csv" SUMMARY_HTML = "summary.html" @@ -20,7 +19,7 @@ def output_summary_html(input_csv, output_html): - print("Creating {} ...".format(output_html)) + print(f"Creating {output_html} ...") data = "" with open(input_csv, "r") as csvfile: @@ -77,7 +76,7 @@ def main(): Entry point of the app. """ if len(sys.argv) != 2: - print("{} [SERVER_LIST_FILE]".format(sys.argv[0])) + print(f"{sys.argv[0]} [SERVER_LIST_FILE]") return 1 return process(server_list_file=sys.argv[1]) diff --git a/ssllabsscan/ssllabs_client.py b/ssllabsscan/ssllabs_client.py index e7e21bc..853fa3f 100644 --- a/ssllabsscan/ssllabs_client.py +++ b/ssllabsscan/ssllabs_client.py @@ -1,12 +1,12 @@ """ -See APi doc: https://github.com/ssllabs/ssllabs-scan/blob/stable/ssllabs-api-docs.md +See API doc: https://github.com/ssllabs/ssllabs-scan/blob/master/ssllabs-api-docs.md """ -from datetime import datetime import json import os -import requests import time +from datetime import datetime +import requests API_URL = "https://api.ssllabs.com/api/v2/analyze" @@ -31,6 +31,8 @@ "TLS 1.3", "TLS 1.2", "TLS 1.1", "TLS 1.0", "SSL 3.0 INSECURE", "SSL 2.0 INSECURE" ] +RC4 = ["Support RC4", "RC4 with modern protocols", "RC4 Only"] + VULNERABLES = [ "Vuln Beast", "Vuln Drown", "Vuln Heartbleed", "Vuln FREAK", "Vuln openSsl Ccs", "Vuln openSSL LuckyMinus20", "Vuln POODLE", "Vuln POODLE TLS" @@ -38,7 +40,7 @@ SUMMARY_COL_NAMES = [ "Host", "Grade", "HasWarnings", "Cert Expiry", "Chain Status", "Forward Secrecy", "Heartbeat ext" -] + VULNERABLES + PROTOCOLS +] + VULNERABLES + RC4 + PROTOCOLS class SSLLabsClient(): @@ -70,6 +72,7 @@ def start_new_scan(self, host, publish="off", startNew="on", all="done", ignoreM payload.pop("startNew") while results["status"] != "READY" and results["status"] != "ERROR": + print(f"Status: {results['status']}, wait for {self._check_progress_interval_secs} seconds...") time.sleep(self._check_progress_interval_secs) results = self.request_api(path, payload) return results @@ -111,6 +114,9 @@ def append_summary_csv(self, summary_file, host, data): False if ep["details"]["openSSLLuckyMinus20"] == 1 else True, ep["details"]["poodle"], False if ep["details"]["poodleTls"] == 1 else True, + ep["details"]["supportsRc4"], + ep["details"]["rc4WithModern"], + ep["details"]["rc4Only"], ] for protocol in PROTOCOLS: found = False diff --git a/ssllabsscan/tests/conftest.py b/ssllabsscan/tests/conftest.py index 5361b23..fd2bf15 100644 --- a/ssllabsscan/tests/conftest.py +++ b/ssllabsscan/tests/conftest.py @@ -39,7 +39,10 @@ "heartbeat": True, "cert": { "notAfter": 1521257378000, - } + }, + "supportsRc4": False, + "rc4WithModern": False, + "rc4Only": False, }, } ],