Debugging issues
In the section, we will learn how to debug common SSL-related issues:
Know your SSL/TLS server. It's very important how the server is configured, which TLS version is used, and which cipher suites it supports. To do this, use the
nmaputility as shown:root@bash :/home/ubuntu# nmap --script ssl-cert,ssl-enum-ciphers -p 443 10.0.0.106 Starting Nmap 6.40 ( http://nmap.org ) at 2015-08-03 16:49 UTC Nmap scan report for ip-10-0-0-106.ap-southeast-1.compute.internal (10.0.0.106) Host is up (0.000067s latency). PORT STATE SERVICE 443/tcp open https | ssl-cert: Subject: commonName=ip-10-0-0-106/organizationName=Internet Widgits Pty Ltd/stateOrProvinceName=Some-State/countryName=AU | Issuer: commonName=ip-10-0-0-106/organizationName=Internet Widgits Pty Ltd/stateOrProvinceName=Some-State/countryName=AU | Public Key type: rsa | Public Key bits: 2048 | Not valid before: 2015-07-28T14:43:45+00:00 | Not valid after: 2016-07-27T14:43:45+00:00 | MD5: 9ba5 0ea9 14b2 0793 7fe6 9329...
