search

DinoTools / sslscan

SSLScan tests SSL/TLS enabled services to discover supported cipher suites
https://github.com/DinoTools/sslscan
GNU General Public License v3.0
87 stars 24 forks source link

sslscan lists all failed and rejected ciphers regardless of --no-failed #16

Open ZaiLynch opened 9 years ago

ZaiLynch commented 9 years ago

sslscan lists all failed and rejected ciphers regardless of --no-failed

Repro: 

$ sslscan --no-failed github.com

Loaded 'test' successfully
Loaded 'legacy' successfully
Loaded 'legacy_xml' successfully
Loaded 'report' successfully
                   _
           ___ ___| |___  ___ __ _ _ __
          / __/ __| / __|/ __/ _` | '_ \
          \__ \__ \ \__ \ (_| (_| | | | |
          |___/___/_|___/\___\__,_|_| |_|

        sslscan version 1.10.0 
        OpenSSL 1.0.1f 6 Jan 2014

Testing SSL server github.com on port 443

    Unable to parse certificate
  Supported Server Cipher(s):
    Failed    TLSv1  256 bits  ECDHE-RSA-AES256-GCM-SHA384
    Failed    TLSv1  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384
    Failed    TLSv1  256 bits  ECDHE-RSA-AES256-SHA384
    Failed    TLSv1  256 bits  ECDHE-ECDSA-AES256-SHA384
    Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    Rejected  TLSv1  256 bits  ECDHE-ECDSA-AES256-SHA
    Failed    TLSv1  256 bits  SRP-DSS-AES-256-CBC-SHA
    Failed    TLSv1  256 bits  SRP-RSA-AES-256-CBC-SHA
    Failed    TLSv1  256 bits  SRP-AES-256-CBC-SHA
    Failed    TLSv1  256 bits  DHE-DSS-AES256-GCM-SHA384
    Failed    TLSv1  256 bits  DHE-RSA-AES256-GCM-SHA384
    Failed    TLSv1  256 bits  DHE-RSA-AES256-SHA256
    Failed    TLSv1  256 bits  DHE-DSS-AES256-SHA256
    Rejected  TLSv1  256 bits  DHE-RSA-AES256-SHA
    Rejected  TLSv1  256 bits  DHE-DSS-AES256-SHA
    Rejected  TLSv1  256 bits  DHE-RSA-CAMELLIA256-SHA
    Rejected  TLSv1  256 bits  DHE-DSS-CAMELLIA256-SHA
    Rejected  TLSv1  256 bits  AECDH-AES256-SHA
    Failed    TLSv1  256 bits  ADH-AES256-GCM-SHA384
    Failed    TLSv1  256 bits  ADH-AES256-SHA256
    Rejected  TLSv1  256 bits  ADH-AES256-SHA
    Rejected  TLSv1  256 bits  ADH-CAMELLIA256-SHA
    Failed    TLSv1  256 bits  ECDH-RSA-AES256-GCM-SHA384
    Failed    TLSv1  256 bits  ECDH-ECDSA-AES256-GCM-SHA384
    Failed    TLSv1  256 bits  ECDH-RSA-AES256-SHA384
    Failed    TLSv1  256 bits  ECDH-ECDSA-AES256-SHA384
    Rejected  TLSv1  256 bits  ECDH-RSA-AES256-SHA
    Rejected  TLSv1  256 bits  ECDH-ECDSA-AES256-SHA
    Failed    TLSv1  256 bits  AES256-GCM-SHA384
    Failed    TLSv1  256 bits  AES256-SHA256
    Accepted  TLSv1  256 bits  AES256-SHA
    Rejected  TLSv1  256 bits  CAMELLIA256-SHA
    Failed    TLSv1  256 bits  PSK-AES256-CBC-SHA
    Rejected  TLSv1  168 bits  ECDHE-RSA-DES-CBC3-SHA
    Rejected  TLSv1  168 bits  ECDHE-ECDSA-DES-CBC3-SHA
    Failed    TLSv1  168 bits  SRP-DSS-3DES-EDE-CBC-SHA
    Failed    TLSv1  168 bits  SRP-RSA-3DES-EDE-CBC-SHA
    Failed    TLSv1  168 bits  SRP-3DES-EDE-CBC-SHA
    Rejected  TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA
    Rejected  TLSv1  168 bits  EDH-DSS-DES-CBC3-SHA
    Rejected  TLSv1  168 bits  AECDH-DES-CBC3-SHA
    Rejected  TLSv1  168 bits  ADH-DES-CBC3-SHA
    Rejected  TLSv1  168 bits  ECDH-RSA-DES-CBC3-SHA
    Rejected  TLSv1  168 bits  ECDH-ECDSA-DES-CBC3-SHA
    Rejected  TLSv1  168 bits  DES-CBC3-SHA
    Failed    TLSv1  168 bits  PSK-3DES-EDE-CBC-SHA
    Failed    TLSv1  128 bits  ECDHE-RSA-AES128-GCM-SHA256
    Failed    TLSv1  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256
    Failed    TLSv1  128 bits  ECDHE-RSA-AES128-SHA256
    Failed    TLSv1  128 bits  ECDHE-ECDSA-AES128-SHA256
    Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
    Rejected  TLSv1  128 bits  ECDHE-ECDSA-AES128-SHA
    Failed    TLSv1  128 bits  SRP-DSS-AES-128-CBC-SHA
    Failed    TLSv1  128 bits  SRP-RSA-AES-128-CBC-SHA
    Failed    TLSv1  128 bits  SRP-AES-128-CBC-SHA
    Failed    TLSv1  128 bits  DHE-DSS-AES128-GCM-SHA256
    Failed    TLSv1  128 bits  DHE-RSA-AES128-GCM-SHA256
    Failed    TLSv1  128 bits  DHE-RSA-AES128-SHA256
    Failed    TLSv1  128 bits  DHE-DSS-AES128-SHA256
    Rejected  TLSv1  128 bits  DHE-RSA-AES128-SHA
    Rejected  TLSv1  128 bits  DHE-DSS-AES128-SHA
    Rejected  TLSv1  128 bits  DHE-RSA-SEED-SHA
    Rejected  TLSv1  128 bits  DHE-DSS-SEED-SHA
    Rejected  TLSv1  128 bits  DHE-RSA-CAMELLIA128-SHA
    Rejected  TLSv1  128 bits  DHE-DSS-CAMELLIA128-SHA
    Rejected  TLSv1  128 bits  AECDH-AES128-SHA
    Failed    TLSv1  128 bits  ADH-AES128-GCM-SHA256
    Failed    TLSv1  128 bits  ADH-AES128-SHA256
    Rejected  TLSv1  128 bits  ADH-AES128-SHA
    Rejected  TLSv1  128 bits  ADH-SEED-SHA
    Rejected  TLSv1  128 bits  ADH-CAMELLIA128-SHA
    Failed    TLSv1  128 bits  ECDH-RSA-AES128-GCM-SHA256
    Failed    TLSv1  128 bits  ECDH-ECDSA-AES128-GCM-SHA256
    Failed    TLSv1  128 bits  ECDH-RSA-AES128-SHA256
    Failed    TLSv1  128 bits  ECDH-ECDSA-AES128-SHA256
    Rejected  TLSv1  128 bits  ECDH-RSA-AES128-SHA
    Rejected  TLSv1  128 bits  ECDH-ECDSA-AES128-SHA
    Failed    TLSv1  128 bits  AES128-GCM-SHA256
    Failed    TLSv1  128 bits  AES128-SHA256
    Accepted  TLSv1  128 bits  AES128-SHA
    Rejected  TLSv1  128 bits  SEED-SHA
    Rejected  TLSv1  128 bits  CAMELLIA128-SHA
    Failed    TLSv1  128 bits  PSK-AES128-CBC-SHA
    Rejected  TLSv1  128 bits  ECDHE-RSA-RC4-SHA
    Rejected  TLSv1  128 bits  ECDHE-ECDSA-RC4-SHA
    Rejected  TLSv1  128 bits  AECDH-RC4-SHA
    Rejected  TLSv1  128 bits  ADH-RC4-MD5
    Rejected  TLSv1  128 bits  ECDH-RSA-RC4-SHA
    Rejected  TLSv1  128 bits  ECDH-ECDSA-RC4-SHA
    Rejected  TLSv1  128 bits  RC4-SHA
    Rejected  TLSv1  128 bits  RC4-MD5
    Failed    TLSv1  128 bits  PSK-RC4-SHA
    Rejected  TLSv1  56 bits   EDH-RSA-DES-CBC-SHA
    Rejected  TLSv1  56 bits   EDH-DSS-DES-CBC-SHA
    Rejected  TLSv1  56 bits   ADH-DES-CBC-SHA
    Rejected  TLSv1  56 bits   DES-CBC-SHA
    Rejected  TLSv1  40 bits   EXP-EDH-RSA-DES-CBC-SHA
    Rejected  TLSv1  40 bits   EXP-EDH-DSS-DES-CBC-SHA
    Rejected  TLSv1  40 bits   EXP-ADH-DES-CBC-SHA
    Rejected  TLSv1  40 bits   EXP-DES-CBC-SHA
    Rejected  TLSv1  40 bits   EXP-RC2-CBC-MD5
    Rejected  TLSv1  40 bits   EXP-ADH-RC4-MD5
    Rejected  TLSv1  40 bits   EXP-RC4-MD5
    Rejected  TLSv1  0 bits    ECDHE-RSA-NULL-SHA
    Rejected  TLSv1  0 bits    ECDHE-ECDSA-NULL-SHA
    Rejected  TLSv1  0 bits    AECDH-NULL-SHA
    Rejected  TLSv1  0 bits    ECDH-RSA-NULL-SHA
    Rejected  TLSv1  0 bits    ECDH-ECDSA-NULL-SHA
    Failed    TLSv1  0 bits    NULL-SHA256
    Rejected  TLSv1  0 bits    NULL-SHA
    Rejected  TLSv1  0 bits    NULL-MD5
    Failed    TLS11  256 bits  ECDHE-RSA-AES256-GCM-SHA384
    Failed    TLS11  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384
    Failed    TLS11  256 bits  ECDHE-RSA-AES256-SHA384
    Failed    TLS11  256 bits  ECDHE-ECDSA-AES256-SHA384
    Accepted  TLS11  256 bits  ECDHE-RSA-AES256-SHA
    Rejected  TLS11  256 bits  ECDHE-ECDSA-AES256-SHA
    Failed    TLS11  256 bits  SRP-DSS-AES-256-CBC-SHA
    Failed    TLS11  256 bits  SRP-RSA-AES-256-CBC-SHA
    Failed    TLS11  256 bits  SRP-AES-256-CBC-SHA
    Failed    TLS11  256 bits  DHE-DSS-AES256-GCM-SHA384
    Failed    TLS11  256 bits  DHE-RSA-AES256-GCM-SHA384
    Failed    TLS11  256 bits  DHE-RSA-AES256-SHA256
    Failed    TLS11  256 bits  DHE-DSS-AES256-SHA256
    Rejected  TLS11  256 bits  DHE-RSA-AES256-SHA
    Rejected  TLS11  256 bits  DHE-DSS-AES256-SHA
    Rejected  TLS11  256 bits  DHE-RSA-CAMELLIA256-SHA
    Rejected  TLS11  256 bits  DHE-DSS-CAMELLIA256-SHA
    Rejected  TLS11  256 bits  AECDH-AES256-SHA
    Failed    TLS11  256 bits  ADH-AES256-GCM-SHA384
    Failed    TLS11  256 bits  ADH-AES256-SHA256
    Rejected  TLS11  256 bits  ADH-AES256-SHA
    Rejected  TLS11  256 bits  ADH-CAMELLIA256-SHA
    Failed    TLS11  256 bits  ECDH-RSA-AES256-GCM-SHA384
    Failed    TLS11  256 bits  ECDH-ECDSA-AES256-GCM-SHA384
    Failed    TLS11  256 bits  ECDH-RSA-AES256-SHA384
    Failed    TLS11  256 bits  ECDH-ECDSA-AES256-SHA384
    Rejected  TLS11  256 bits  ECDH-RSA-AES256-SHA
    Rejected  TLS11  256 bits  ECDH-ECDSA-AES256-SHA
    Failed    TLS11  256 bits  AES256-GCM-SHA384
    Failed    TLS11  256 bits  AES256-SHA256
    Accepted  TLS11  256 bits  AES256-SHA
    Rejected  TLS11  256 bits  CAMELLIA256-SHA
    Failed    TLS11  256 bits  PSK-AES256-CBC-SHA
    Rejected  TLS11  168 bits  ECDHE-RSA-DES-CBC3-SHA
    Rejected  TLS11  168 bits  ECDHE-ECDSA-DES-CBC3-SHA
    Failed    TLS11  168 bits  SRP-DSS-3DES-EDE-CBC-SHA
    Failed    TLS11  168 bits  SRP-RSA-3DES-EDE-CBC-SHA
    Failed    TLS11  168 bits  SRP-3DES-EDE-CBC-SHA
    Rejected  TLS11  168 bits  EDH-RSA-DES-CBC3-SHA
    Rejected  TLS11  168 bits  EDH-DSS-DES-CBC3-SHA
    Rejected  TLS11  168 bits  AECDH-DES-CBC3-SHA
    Rejected  TLS11  168 bits  ADH-DES-CBC3-SHA
    Rejected  TLS11  168 bits  ECDH-RSA-DES-CBC3-SHA
    Rejected  TLS11  168 bits  ECDH-ECDSA-DES-CBC3-SHA
    Rejected  TLS11  168 bits  DES-CBC3-SHA
    Failed    TLS11  168 bits  PSK-3DES-EDE-CBC-SHA
    Failed    TLS11  128 bits  ECDHE-RSA-AES128-GCM-SHA256
    Failed    TLS11  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256
    Failed    TLS11  128 bits  ECDHE-RSA-AES128-SHA256
    Failed    TLS11  128 bits  ECDHE-ECDSA-AES128-SHA256
    Accepted  TLS11  128 bits  ECDHE-RSA-AES128-SHA
    Rejected  TLS11  128 bits  ECDHE-ECDSA-AES128-SHA
    Failed    TLS11  128 bits  SRP-DSS-AES-128-CBC-SHA
    Failed    TLS11  128 bits  SRP-RSA-AES-128-CBC-SHA
    Failed    TLS11  128 bits  SRP-AES-128-CBC-SHA
    Failed    TLS11  128 bits  DHE-DSS-AES128-GCM-SHA256
    Failed    TLS11  128 bits  DHE-RSA-AES128-GCM-SHA256
    Failed    TLS11  128 bits  DHE-RSA-AES128-SHA256
    Failed    TLS11  128 bits  DHE-DSS-AES128-SHA256
    Rejected  TLS11  128 bits  DHE-RSA-AES128-SHA
    Rejected  TLS11  128 bits  DHE-DSS-AES128-SHA
    Rejected  TLS11  128 bits  DHE-RSA-SEED-SHA
    Rejected  TLS11  128 bits  DHE-DSS-SEED-SHA
    Rejected  TLS11  128 bits  DHE-RSA-CAMELLIA128-SHA
    Rejected  TLS11  128 bits  DHE-DSS-CAMELLIA128-SHA
    Rejected  TLS11  128 bits  AECDH-AES128-SHA
    Failed    TLS11  128 bits  ADH-AES128-GCM-SHA256
    Failed    TLS11  128 bits  ADH-AES128-SHA256
    Rejected  TLS11  128 bits  ADH-AES128-SHA
    Rejected  TLS11  128 bits  ADH-SEED-SHA
    Rejected  TLS11  128 bits  ADH-CAMELLIA128-SHA
    Failed    TLS11  128 bits  ECDH-RSA-AES128-GCM-SHA256
    Failed    TLS11  128 bits  ECDH-ECDSA-AES128-GCM-SHA256
    Failed    TLS11  128 bits  ECDH-RSA-AES128-SHA256
    Failed    TLS11  128 bits  ECDH-ECDSA-AES128-SHA256
    Rejected  TLS11  128 bits  ECDH-RSA-AES128-SHA
    Rejected  TLS11  128 bits  ECDH-ECDSA-AES128-SHA
    Failed    TLS11  128 bits  AES128-GCM-SHA256
    Failed    TLS11  128 bits  AES128-SHA256
    Accepted  TLS11  128 bits  AES128-SHA
    Rejected  TLS11  128 bits  SEED-SHA
    Rejected  TLS11  128 bits  CAMELLIA128-SHA
    Failed    TLS11  128 bits  PSK-AES128-CBC-SHA
    Rejected  TLS11  128 bits  ECDHE-RSA-RC4-SHA
    Rejected  TLS11  128 bits  ECDHE-ECDSA-RC4-SHA
    Rejected  TLS11  128 bits  AECDH-RC4-SHA
    Rejected  TLS11  128 bits  ADH-RC4-MD5
    Rejected  TLS11  128 bits  ECDH-RSA-RC4-SHA
    Rejected  TLS11  128 bits  ECDH-ECDSA-RC4-SHA
    Rejected  TLS11  128 bits  RC4-SHA
    Rejected  TLS11  128 bits  RC4-MD5
    Failed    TLS11  128 bits  PSK-RC4-SHA
    Rejected  TLS11  56 bits   EDH-RSA-DES-CBC-SHA
    Rejected  TLS11  56 bits   EDH-DSS-DES-CBC-SHA
    Rejected  TLS11  56 bits   ADH-DES-CBC-SHA
    Rejected  TLS11  56 bits   DES-CBC-SHA
    Rejected  TLS11  40 bits   EXP-EDH-RSA-DES-CBC-SHA
    Rejected  TLS11  40 bits   EXP-EDH-DSS-DES-CBC-SHA
    Rejected  TLS11  40 bits   EXP-ADH-DES-CBC-SHA
    Rejected  TLS11  40 bits   EXP-DES-CBC-SHA
    Rejected  TLS11  40 bits   EXP-RC2-CBC-MD5
    Rejected  TLS11  40 bits   EXP-ADH-RC4-MD5
    Rejected  TLS11  40 bits   EXP-RC4-MD5
    Rejected  TLS11  0 bits    ECDHE-RSA-NULL-SHA
    Rejected  TLS11  0 bits    ECDHE-ECDSA-NULL-SHA
    Rejected  TLS11  0 bits    AECDH-NULL-SHA
    Rejected  TLS11  0 bits    ECDH-RSA-NULL-SHA
    Rejected  TLS11  0 bits    ECDH-ECDSA-NULL-SHA
    Failed    TLS11  0 bits    NULL-SHA256
    Rejected  TLS11  0 bits    NULL-SHA
    Rejected  TLS11  0 bits    NULL-MD5
    Accepted  TLS12  256 bits  ECDHE-RSA-AES256-GCM-SHA384
    Rejected  TLS12  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384
    Accepted  TLS12  256 bits  ECDHE-RSA-AES256-SHA384
    Rejected  TLS12  256 bits  ECDHE-ECDSA-AES256-SHA384
    Accepted  TLS12  256 bits  ECDHE-RSA-AES256-SHA
    Rejected  TLS12  256 bits  ECDHE-ECDSA-AES256-SHA
    Failed    TLS12  256 bits  SRP-DSS-AES-256-CBC-SHA
    Failed    TLS12  256 bits  SRP-RSA-AES-256-CBC-SHA
    Failed    TLS12  256 bits  SRP-AES-256-CBC-SHA
    Rejected  TLS12  256 bits  DHE-DSS-AES256-GCM-SHA384
    Rejected  TLS12  256 bits  DHE-RSA-AES256-GCM-SHA384
    Rejected  TLS12  256 bits  DHE-RSA-AES256-SHA256
    Rejected  TLS12  256 bits  DHE-DSS-AES256-SHA256
    Rejected  TLS12  256 bits  DHE-RSA-AES256-SHA
    Rejected  TLS12  256 bits  DHE-DSS-AES256-SHA
    Rejected  TLS12  256 bits  DHE-RSA-CAMELLIA256-SHA
    Rejected  TLS12  256 bits  DHE-DSS-CAMELLIA256-SHA
    Rejected  TLS12  256 bits  AECDH-AES256-SHA
    Rejected  TLS12  256 bits  ADH-AES256-GCM-SHA384
    Rejected  TLS12  256 bits  ADH-AES256-SHA256
    Rejected  TLS12  256 bits  ADH-AES256-SHA
    Rejected  TLS12  256 bits  ADH-CAMELLIA256-SHA
    Rejected  TLS12  256 bits  ECDH-RSA-AES256-GCM-SHA384
    Rejected  TLS12  256 bits  ECDH-ECDSA-AES256-GCM-SHA384
    Rejected  TLS12  256 bits  ECDH-RSA-AES256-SHA384
    Rejected  TLS12  256 bits  ECDH-ECDSA-AES256-SHA384
    Rejected  TLS12  256 bits  ECDH-RSA-AES256-SHA
    Rejected  TLS12  256 bits  ECDH-ECDSA-AES256-SHA
    Accepted  TLS12  256 bits  AES256-GCM-SHA384
    Accepted  TLS12  256 bits  AES256-SHA256
    Accepted  TLS12  256 bits  AES256-SHA
    Rejected  TLS12  256 bits  CAMELLIA256-SHA
    Failed    TLS12  256 bits  PSK-AES256-CBC-SHA
    Rejected  TLS12  168 bits  ECDHE-RSA-DES-CBC3-SHA
    Rejected  TLS12  168 bits  ECDHE-ECDSA-DES-CBC3-SHA
    Failed    TLS12  168 bits  SRP-DSS-3DES-EDE-CBC-SHA
    Failed    TLS12  168 bits  SRP-RSA-3DES-EDE-CBC-SHA
    Failed    TLS12  168 bits  SRP-3DES-EDE-CBC-SHA
    Rejected  TLS12  168 bits  EDH-RSA-DES-CBC3-SHA
    Rejected  TLS12  168 bits  EDH-DSS-DES-CBC3-SHA
    Rejected  TLS12  168 bits  AECDH-DES-CBC3-SHA
    Rejected  TLS12  168 bits  ADH-DES-CBC3-SHA
    Rejected  TLS12  168 bits  ECDH-RSA-DES-CBC3-SHA
    Rejected  TLS12  168 bits  ECDH-ECDSA-DES-CBC3-SHA
    Rejected  TLS12  168 bits  DES-CBC3-SHA
    Failed    TLS12  168 bits  PSK-3DES-EDE-CBC-SHA
    Accepted  TLS12  128 bits  ECDHE-RSA-AES128-GCM-SHA256
    Rejected  TLS12  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256
    Accepted  TLS12  128 bits  ECDHE-RSA-AES128-SHA256
    Rejected  TLS12  128 bits  ECDHE-ECDSA-AES128-SHA256
    Accepted  TLS12  128 bits  ECDHE-RSA-AES128-SHA
    Rejected  TLS12  128 bits  ECDHE-ECDSA-AES128-SHA
    Failed    TLS12  128 bits  SRP-DSS-AES-128-CBC-SHA
    Failed    TLS12  128 bits  SRP-RSA-AES-128-CBC-SHA
    Failed    TLS12  128 bits  SRP-AES-128-CBC-SHA
    Rejected  TLS12  128 bits  DHE-DSS-AES128-GCM-SHA256
    Rejected  TLS12  128 bits  DHE-RSA-AES128-GCM-SHA256
    Rejected  TLS12  128 bits  DHE-RSA-AES128-SHA256
    Rejected  TLS12  128 bits  DHE-DSS-AES128-SHA256
    Rejected  TLS12  128 bits  DHE-RSA-AES128-SHA
    Rejected  TLS12  128 bits  DHE-DSS-AES128-SHA
    Rejected  TLS12  128 bits  DHE-RSA-SEED-SHA
    Rejected  TLS12  128 bits  DHE-DSS-SEED-SHA
    Rejected  TLS12  128 bits  DHE-RSA-CAMELLIA128-SHA
    Rejected  TLS12  128 bits  DHE-DSS-CAMELLIA128-SHA
    Rejected  TLS12  128 bits  AECDH-AES128-SHA
    Rejected  TLS12  128 bits  ADH-AES128-GCM-SHA256
    Rejected  TLS12  128 bits  ADH-AES128-SHA256
    Rejected  TLS12  128 bits  ADH-AES128-SHA
    Rejected  TLS12  128 bits  ADH-SEED-SHA
    Rejected  TLS12  128 bits  ADH-CAMELLIA128-SHA
    Rejected  TLS12  128 bits  ECDH-RSA-AES128-GCM-SHA256
    Rejected  TLS12  128 bits  ECDH-ECDSA-AES128-GCM-SHA256
    Rejected  TLS12  128 bits  ECDH-RSA-AES128-SHA256
    Rejected  TLS12  128 bits  ECDH-ECDSA-AES128-SHA256
    Rejected  TLS12  128 bits  ECDH-RSA-AES128-SHA
    Rejected  TLS12  128 bits  ECDH-ECDSA-AES128-SHA
    Accepted  TLS12  128 bits  AES128-GCM-SHA256
    Accepted  TLS12  128 bits  AES128-SHA256
    Accepted  TLS12  128 bits  AES128-SHA
    Rejected  TLS12  128 bits  SEED-SHA
    Rejected  TLS12  128 bits  CAMELLIA128-SHA
    Failed    TLS12  128 bits  PSK-AES128-CBC-SHA
    Rejected  TLS12  128 bits  ECDHE-RSA-RC4-SHA
    Rejected  TLS12  128 bits  ECDHE-ECDSA-RC4-SHA
    Rejected  TLS12  128 bits  AECDH-RC4-SHA
    Rejected  TLS12  128 bits  ADH-RC4-MD5
    Rejected  TLS12  128 bits  ECDH-RSA-RC4-SHA
    Rejected  TLS12  128 bits  ECDH-ECDSA-RC4-SHA
    Rejected  TLS12  128 bits  RC4-SHA
    Rejected  TLS12  128 bits  RC4-MD5
    Failed    TLS12  128 bits  PSK-RC4-SHA
    Rejected  TLS12  56 bits   EDH-RSA-DES-CBC-SHA
    Rejected  TLS12  56 bits   EDH-DSS-DES-CBC-SHA
    Rejected  TLS12  56 bits   ADH-DES-CBC-SHA
    Rejected  TLS12  56 bits   DES-CBC-SHA
    Rejected  TLS12  40 bits   EXP-EDH-RSA-DES-CBC-SHA
    Rejected  TLS12  40 bits   EXP-EDH-DSS-DES-CBC-SHA
    Rejected  TLS12  40 bits   EXP-ADH-DES-CBC-SHA
    Rejected  TLS12  40 bits   EXP-DES-CBC-SHA
    Rejected  TLS12  40 bits   EXP-RC2-CBC-MD5
    Rejected  TLS12  40 bits   EXP-ADH-RC4-MD5
    Rejected  TLS12  40 bits   EXP-RC4-MD5
    Rejected  TLS12  0 bits    ECDHE-RSA-NULL-SHA
    Rejected  TLS12  0 bits    ECDHE-ECDSA-NULL-SHA
    Rejected  TLS12  0 bits    AECDH-NULL-SHA
    Rejected  TLS12  0 bits    ECDH-RSA-NULL-SHA
    Rejected  TLS12  0 bits    ECDH-ECDSA-NULL-SHA
    Rejected  TLS12  0 bits    NULL-SHA256
    Rejected  TLS12  0 bits    NULL-SHA
    Rejected  TLS12  0 bits    NULL-MD5

  Preferred Server Cipher(s):
    TLSv1  128 bits  ECDHE-RSA-AES128-SHA
    TLS11  128 bits  ECDHE-RSA-AES128-SHA
    SSLv3  0 bits    (NONE)
    TLS12  128 bits  ECDHE-RSA-AES128-GCM-SHA256

  SSL Certificate:
    Certificate blob:
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIQDACTENIG2+M3VTWAEY3chzANBgkqhkiG9w0BAQsFADB1
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE0MDQwODAwMDAwMFoXDTE2MDQxMjEy
MDAwMFowgfAxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF
Ewc1MTU3NTUwMRcwFQYDVQQJEw41NDggNHRoIFN0cmVldDEOMAwGA1UEERMFOTQx
MDcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T
YW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIEluYy4xEzARBgNVBAMTCmdp
dGh1Yi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx1Nw8r/3z
Tu3BZ63myyLot+KrKPL33GJwCNEMr9YWaiGwNksXDTZjBK6/6iBRlWVm8r+5TaQM
Kev1FbHoNbNwEJTVG1m0Jg/Wg1dZneF8Cd3gE8pNb0Obzc+HOhWnhd1mg+2TDP4r
bTgceYiQz61YGC1R0cKj8keMbzgJubjvTJMLy4OUh+rgo7XZe5trD0P5yu6ADSin
dvEl9ME1PPZ0rd5qM4J73P1LdqfC7vJqv6kkpl/nLnwO28N0c/p+xtjPYOs2ViG2
wYq4JIJNeCS66R2hiqeHvmYlab++O3JuT+DkhSUIsZGJuNZ0ZXabLE9iH6H6Or6c
JL+fyrDFwGeNAgMBAAGjggHuMIIB6jAfBgNVHSMEGDAWgBQ901Cl1qCt7vNKYApl
0yHU+PjWDzAdBgNVHQ4EFgQUakOQfTuYFHJSlTqqKApD+FF+06YwJQYDVR0RBB4w
HIIKZ2l0aHViLmNvbYIOd3d3LmdpdGh1Yi5jb20wDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5o
dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzEuY3JsMDSg
MqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzEu
Y3JsMEIGA1UdIAQ7MDkwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBz
Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEF
BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHRw
Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRWYWxp
ZGF0aW9uU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQAD
ggEBAG/nbcuC8++QhwnXDxUiLIz+06scipbbXRJd0XjAMbD/RciJ9wiYUhcfTEsg
ZGpt21DXEL5+q/4vgNipSlhBaYFyGQiDm5IQTmIte0ZwQ26jUxMf4pOmI1v3kj43
FHU7uUskQS6lPUgND5nqHkKXxv6V2qtHmssrA9YNQMEK93ga2rWDpK21mUkgLviT
PB5sPdE7IzprOCp+Ynpf3RcFddAkXb6NqJoQRPrStMrv19C1dqUmJRwIQdhkkqev
ff6IQDlhC8BIMKmCNK33cEYDfDWROtW7JNgBvBTwww8jO1gyug8SbGZ6bZ3k8OV8
XX4C2NesiZcLYbc2n7B9O+63M2k=
-----END CERTIFICATE-----

    Version: 3
    Serial Number: 15953718796281471505685363726901697671 (0xc009310d206dbe337553580118ddc87)
    Signature Algorithm: sha256WithRSAEncryption
    Issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
    Not valid before: Apr  8 00:00:00 2014 GMT
    Not valid after: Apr 12 12:00:00 2016 GMT
    Subject: /businessCategory=Private Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/serialNumber=5157550/street=548 4th Street/postalCode=94107/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=github.com
    Public Key Algorithm: rsaEncryption
    RSA Public Key: (2048 bit)
      Public-Key: (2048 bit)
      Modulus:
          00:b1:d4:dc:3c:af:fd:f3:4e:ed:c1:67:ad:e6:cb:
          22:e8:b7:e2:ab:28:f2:f7:dc:62:70:08:d1:0c:af:
          d6:16:6a:21:b0:36:4b:17:0d:36:63:04:ae:bf:ea:
          20:51:95:65:66:f2:bf:b9:4d:a4:0c:29:eb:f5:15:
          b1:e8:35:b3:70:10:94:d5:1b:59:b4:26:0f:d6:83:
          57:59:9d:e1:7c:09:dd:e0:13:ca:4d:6f:43:9b:cd:
          cf:87:3a:15:a7:85:dd:66:83:ed:93:0c:fe:2b:6d:
          38:1c:79:88:90:cf:ad:58:18:2d:51:d1:c2:a3:f2:
          47:8c:6f:38:09:b9:b8:ef:4c:93:0b:cb:83:94:87:
          ea:e0:a3:b5:d9:7b:9b:6b:0f:43:f9:ca:ee:80:0d:
          28:a7:76:f1:25:f4:c1:35:3c:f6:74:ad:de:6a:33:
          82:7b:dc:fd:4b:76:a7:c2:ee:f2:6a:bf:a9:24:a6:
          5f:e7:2e:7c:0e:db:c3:74:73:fa:7e:c6:d8:cf:60:
          eb:36:56:21:b6:c1:8a:b8:24:82:4d:78:24:ba:e9:
          1d:a1:8a:a7:87:be:66:25:69:bf:be:3b:72:6e:4f:
          e0:e4:85:25:08:b1:91:89:b8:d6:74:65:76:9b:2c:
          4f:62:1f:a1:fa:3a:be:9c:24:bf:9f:ca:b0:c5:c0:
          67:8d
      Exponent: 65537 (0x10001)

    X509v3 Extensions:
      X509v3 Authority Key Identifier: 
        keyid:3D:D3:50:A5:D6:A0:AD:EE:F3:4A:60:0A:65:D3:21:D4:F8:F8:D6:0F

      X509v3 Subject Key Identifier: 
        6A:43:90:7D:3B:98:14:72:52:95:3A:AA:28:0A:43:F8:51:7E:D3:A6
      X509v3 Subject Alternative Name: 
        DNS:github.com, DNS:www.github.com
      X509v3 Key Usage: critical
        Digital Signature, Key Encipherment
      X509v3 Extended Key Usage: 
        TLS Web Server Authentication, TLS Web Client Authentication
      X509v3 CRL Distribution Points: 

        Full Name:
          URI:http://crl3.digicert.com/sha2-ev-server-g1.crl

        Full Name:
          URI:http://crl4.digicert.com/sha2-ev-server-g1.crl

      X509v3 Certificate Policies: 
        Policy: 2.16.840.1.114412.2.1
          CPS: https://www.digicert.com/CPS

      Authority Information Access: 
        OCSP - URI:http://ocsp.digicert.com
        CA Issuers - URI:http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt

      X509v3 Basic Constraints: critical
        CA:FALSE
  Verify Certificate:
    unable to get local issuer certificate
funbrain commented 3 years ago

same here!

Shivam-Patil-groots commented 1 year ago

Did you found any solution ?