Data Networking Blog
Blog for Admins

SSLSCAN showed no Ciphers

Standard

I recently had a problem where scanning a IIS web server using Titania SSLScan tool for SSL/TLS ciphers I received empty results. The webserver otherwise was working fine and if I tried a web browser I could see a cipher in the SSL certificate. After spending alot of time I finally found a solution.

Running the following command in on cmd revealed the SSL certificate was not bound to an IP address

Where as on my older webservers I could clearly see the certificate was bound to 0.0.0.0:443 so I knew there was something missing. The solution was to import the SSL certificate to my machines local certificate store using MMC. While doing so you must choose the Computer account and not user or service account. Once the certificate has been imported open cmd as administrator and run the following:

You can easily find your certificate hash by opening the actual certificate file and the application Id is listed if you run the first command. Once this was done I restarted the IIS webserver and now SSLScan showed proper ciphers accepted by webserver.

August 20, 2015 Security, Systems, Windows Jd

Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">

Font Size
Decrease Size Default Size Increase Size
Select Skin
Select Underlay Background
Select Overlay Background
Scheme Switcher Toggle