dave2wave opened a new issue, #865:
URL: https://github.com/apache/tooling-trusted-releases/issues/865
We updated our P6 configuration for SSL improvements and then ran `testssl.sh`.
We were rated as A+, but there are still some issues to look into:
1. OCSP stapling is not offered although it should be turned on.
2. Several configurations were duplicated.
Here's the report:
```
#####################################################################
testssl.sh version 3.2.3 from https://testssl.sh/
This program is free software. Distribution and modification under
GPLv2 permitted. USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
Please file bugs @ https://testssl.sh/bugs/
#####################################################################
Using OpenSSL 1.0.2-bad (Sep 3 2022) [~183 ciphers]
on Daves-MacBook-Pro:./bin/openssl.Darwin.x86_64
Start 2026-03-11 10:26:25 -->> 3.73.92.246:443
(release-test.apache.org) <<--
rDNS (3.73.92.246): ec2-3-73-92-246.eu-central-1.compute.amazonaws.com.
Service detected: HTTP
Testing protocols via sockets except NPN+ALPN
SSLv2 not offered (OK)
SSLv3 not offered (OK)
TLS 1 not offered
TLS 1.1 not offered
TLS 1.2 offered (OK)
TLS 1.3 offered (OK): final
NPN/SPDY not offered
ALPN/HTTP2 http/1.1 (offered)
Testing cipher categories
NULL ciphers (no encryption) not offered (OK)
Anonymous NULL Ciphers (no authentication) not offered (OK)
Export ciphers (w/o ADH+NULL) not offered (OK)
LOW: 64 Bit + DES, RC[2,4], MD5 (w/o export) not offered (OK)
Triple DES Ciphers / IDEA not offered
Obsoleted CBC ciphers (AES, ARIA etc.) not offered
Strong encryption (AEAD ciphers) with no FS not offered
Forward Secrecy strong encryption (AEAD ciphers) offered (OK)
Testing server's cipher preferences
Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits
Cipher Suite Name (IANA/RFC)
-----------------------------------------------------------------------------------------------------------------------------
SSLv2
-
SSLv3
-
TLSv1
-
TLSv1.1
-
TLSv1.2 (no server order, thus listed by strength)
xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 384 AESGCM 256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
xcca8 ECDHE-RSA-CHACHA20-POLY1305 ECDH 384 ChaCha20 256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
xccaa DHE-RSA-CHACHA20-POLY1305 DH 2048 ChaCha20 256
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 384 AESGCM 128
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLSv1.3 (no server order, thus listed by strength)
x1302 TLS_AES_256_GCM_SHA384 ECDH 253 AESGCM 256
TLS_AES_256_GCM_SHA384
x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 253 ChaCha20 256
TLS_CHACHA20_POLY1305_SHA256
x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128
TLS_AES_128_GCM_SHA256
Has server cipher order? no
(limited sense as client will pick)
Testing robust forward secrecy (FS) -- omitting Null
Authentication/Encryption, 3DES, RC4
FS is offered (OK) TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256 ECDHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 DHE-RSA-CHACHA20-POLY1305
TLS_AES_128_GCM_SHA256
ECDHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-GCM-SHA256
KEMs offered None
Elliptic curves offered: prime256v1 secp384r1 X25519
DH group offered: RFC3526/Oakley Group 14 (2048 bits)
TLS 1.2 sig_algs offered: RSA-PSS-RSAE+SHA512 RSA-PSS-RSAE+SHA384
RSA-PSS-RSAE+SHA256 RSA+SHA512 RSA+SHA384 RSA+SHA256 RSA+SHA224
TLS 1.3 sig_algs offered: RSA-PSS-RSAE+SHA512 RSA-PSS-RSAE+SHA384
RSA-PSS-RSAE+SHA256
Testing server defaults (Server Hello)
TLS extensions (standard) "server name/#0" "max fragment length/#1"
"supported_groups/#10" "EC point formats/#11" "application layer protocol
negotiation/#16" "extended master secret/#23" "supported versions/#43"
"key share/#51" "renegotiation info/#65281"
Session Ticket RFC 5077 hint no -- no lifetime advertised
SSL Session ID support yes
Session Resumption Tickets no, ID: yes
TLS clock skew Random values, no fingerprinting possible
Certificate Compression none
Client Authentication none
Signature Algorithm SHA256 with RSA
Server key size RSA 2048 bits (exponent is 65537)
Server key usage Digital Signature, Key Encipherment
Server extended key usage TLS Web Server Authentication, TLS Web Client
Authentication
Serial 0672B78C7DA06D686278E89EB2E9A29B3968 (OK:
length 18)
Fingerprints SHA1 A8CFBAD6C71639D9D1D29E8785335100A4EEE895
SHA256
3BCFB7FCC62F5AA3DE1F24E84F7B5BF844738A6DEE56AF735D0226C5FC17F4E7
Common Name (CN) release-test.apache.org
subjectAltName (SAN) release-test.apache.org
Trust (hostname) Ok via SAN and CN (same w/o SNI)
Chain of trust Ok
EV cert (experimental) no
Certificate Validity (UTC) 51 >= 30 days (2026-01-31 22:17 --> 2026-05-01
22:17)
ETS/"eTLS", visibility info not present
Certificate Revocation List http://r12.c.lencr.org/105.crl
OCSP URI --
OCSP stapling not offered
OCSP must staple extension --
DNS CAA RR (experimental) available - please check for match with
"Issuer" below
iodef=mailto:[email protected],
issue=globalsign.com, issue=letsencrypt.org, issue=sectigo.com
Certificate Transparency yes (certificate extension)
Certificates provided 2
Issuer R12 (Let's Encrypt from US)
Intermediate cert validity #1: ok > 40 days (2027-03-12 23:59). R12 <--
ISRG Root X1
Intermediate Bad OCSP (exp.) Ok
Testing HTTP header response @ "/"
HTTP Status Code 200
HTTP clock skew 0 sec from localtime
Strict Transport Security misconfiguration: Strict-Transport-Security 2x
-- checking first one only
730 days=63072000 s, includeSubDomains
Public Key Pinning --
Server banner hypercorn-h11
Application banner --
Cookie(s) (none issued at "/")
Security headers misconfiguration: X-Frame-Options 2x --
checking first one only
X-Frame-Options: DENY
misconfiguration: X-Content-Type-Options 2x --
checking first one only
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';
script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self'
https://apache.org https://incubator.apache.org https://www.apache.org data:;
font-src 'self'; connect-src 'self';
frame-src 'none'; object-src 'none'; base-uri 'none'; form-action 'self';
frame-ancestors 'none'
Permissions-Policy: accelerometer=(),
autoplay=(), camera=(), clipboard-read=(), clipboard-write=(self),
display-capture=(), geolocation=(), gyroscope=(), magnetometer=(),
microphone=(),
midi=(), payment=(), usb=(),
xr-spatial-tracking=()
Permissions-Policy: accelerometer=(),
autoplay=(), camera=(), clipboard-read=(), clipboard-write=(self),
display-capture=(), geolocation=(), gyroscope=(), magnetometer=(),
microphone=(),
midi=(), payment=(), usb=(),
xr-spatial-tracking=()
misconfiguration: Referrer-Policy 2x --
checking first one only
Referrer-Policy:
strict-origin-when-cross-origin
Reverse Proxy banner Via: 1.1 release-test.apache.org
Testing vulnerabilities
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat
extension
CCS (CVE-2014-0224) not vulnerable (OK)
Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session
ticket extension
ROBOT Server does not support any
cipher suites that use RSA key transport
Secure Renegotiation (RFC 5746) supported (OK)
Secure Client-Initiated Renegotiation not vulnerable (OK)
CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
BREACH (CVE-2013-3587) potentially NOT ok, "gzip" HTTP
compression detected. - only supplied "/" tested
Can be ignored for static pages
or if no secrets in the page
POODLE, SSL (CVE-2014-3566) not vulnerable (OK), no SSLv3
support
TLS_FALLBACK_SCSV (RFC 7507) No fallback possible (OK), no
protocol below TLS 1.2 offered
SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)
FREAK (CVE-2015-0204) not vulnerable (OK)
DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and
port (OK)
make sure you don't use this
certificate elsewhere with SSLv2 enabled services, see
https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=3BCFB7FCC62F5AA3DE1F24E84F7B5BF844738A6DEE56AF735D0226C5FC17F4E7
LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits
detected: RFC3526/Oakley Group 14 (2048 bits),
but no DH EXPORT ciphers
BEAST (CVE-2011-3389) not vulnerable (OK), no SSL3 or
TLS1
LUCKY13 (CVE-2013-0169), experimental not vulnerable (OK)
Winshock (CVE-2014-6321), experimental not vulnerable (OK)
RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
Running client simulations (HTTP) via sockets
Browser Protocol Cipher Suite Name (OpenSSL)
Forward Secrecy
------------------------------------------------------------------------------------------------
Android 7.0 (native) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
256 bit ECDH (P-256)
Android 8.1 (native) TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
253 bit ECDH (X25519)
Android 9.0 (native) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Android 10.0 (native) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Android 11/12 (native) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Android 13/14 (native) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Android 15 (native) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Chrome 101 (Win 10) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Chromium 137 (Win 11) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Firefox 100 (Win 10) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Firefox 137 (Win 11) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
IE 8 Win 7 No connection
IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384
2048 bit DH
IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384
2048 bit DH
IE 11 Win Phone 8.1 No connection
IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
256 bit ECDH (P-256)
Edge 15 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
253 bit ECDH (X25519)
Edge 101 Win 10 21H2 TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Edge 133 Win 11 23H2 TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Safari 18.4 (iOS 18.4) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Safari 15.4 (macOS 12.3.1) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Safari 18.4 (macOS 15.4) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Java 7u25 No connection
Java 8u442 (OpenJDK) TLSv1.3 TLS_AES_256_GCM_SHA384
253 bit ECDH (X25519)
Java 11.0.2 (OpenJDK) TLSv1.3 TLS_AES_128_GCM_SHA256
256 bit ECDH (P-256)
Java 17.0.3 (OpenJDK) TLSv1.3 TLS_AES_256_GCM_SHA384
253 bit ECDH (X25519)
Java 21.0.6 (OpenJDK) TLSv1.3 TLS_AES_256_GCM_SHA384
253 bit ECDH (X25519)
go 1.17.8 TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
LibreSSL 3.3.6 (macOS) TLSv1.3 TLS_CHACHA20_POLY1305_SHA256
253 bit ECDH (X25519)
OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
256 bit ECDH (P-256)
OpenSSL 1.1.1d (Debian) TLSv1.3 TLS_AES_256_GCM_SHA384
253 bit ECDH (X25519)
OpenSSL 3.0.15 (Debian) TLSv1.3 TLS_AES_256_GCM_SHA384
253 bit ECDH (X25519)
OpenSSL 3.5.0 (git) TLSv1.3 TLS_AES_256_GCM_SHA384
253 bit ECDH (X25519)
Apple Mail (16.0) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
256 bit ECDH (P-256)
Thunderbird (91.9) TLSv1.3 TLS_AES_128_GCM_SHA256
253 bit ECDH (X25519)
Rating (experimental)
Rating specs (not complete) SSL Labs's 'SSL Server Rating Guide' (version
2009r from 2025-05-16)
Specification documentation
https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide
Protocol Support (weighted) 100 (30)
Key Exchange (weighted) 90 (27)
Cipher Strength (weighted) 90 (36)
Final Score 93
Overall Grade A+
Done 2026-03-11 10:29:23 [0183s] -->> 3.73.92.246:443
(release-test.apache.org) <<--
```
--
This is an automated message from the Apache Git Service.