用Java检测HTTPS网站所支持的TLS版本信息
简介
服务器升级、JDK升级、API升级等都可能会造成原有HTTPS的API调不通的情况。造成这种情况的原因有许多,但千万别忽视TLS和证书的问题。
有许多工具和软件可以做检测,下面来介绍常用的几种。
检测工具介绍
curl
当用curl去连接时,可以打印对应的Protocal和cipher信息:
$ curl -k -v https://www.pkslow.com
* Trying 119.23.215.59:443...
* Connected to www.pkslow.com (119.23.215.59) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN: server accepted http/1.1
* Server certificate:
* subject: CN=pkslow.com
* start date: Feb 1 11:09:56 2024 GMT
* expire date: May 1 11:09:55 2024 GMT
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* using HTTP/1.1
> GET / HTTP/1.1
> Host: www.pkslow.com
> User-Agent: curl/8.4.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.14.1
< Date: Fri, 15 Mar 2024 07:45:35 GMT
< Content-Type: text/html
< Content-Length: 94562
< Connection: keep-alive
< Content-Language: en-US
还可以设定最大的TLS版本:
curl -k -v --tls-max 1.2 https://www.pkslow.com
kali sslscan
Kali提供了 sslscan ,在Mac安装如下:
brew install sslscan
测试:
$ sslscan www.pkslow.com:443
Version: 2.0.6-static
OpenSSL 1.1.1g 21 Apr 2020
Connected to 119.23.215.59
Testing SSL server www.pkslow.com on port 443 using SNI name www.pkslow.com
SSL/TLS Protocols:
SSLv2 disabled
SSLv3 disabled
TLSv1.0 enabled
TLSv1.1 enabled
TLSv1.2 enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
TLS renegotiation:
Secure session renegotiation supported
TLS Compression:
Compression disabled
Heartbleed:
TLSv1.2 not vulnerable to heartbleed
TLSv1.1 not vulnerable to heartbleed
TLSv1.0 not vulnerable to heartbleed
Supported Server Cipher(s):
Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve 25519 DHE 253
Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve 25519 DHE 253
Accepted TLSv1.2 256 bits ECDHE-RSA-CHACHA20-POLY1305 Curve 25519 DHE 253
Accepted TLSv1.2 256 bits ECDHE-ARIA256-GCM-SHA384 Curve 25519 DHE 253
Accepted TLSv1.2 128 bits ECDHE-ARIA128-GCM-SHA256 Curve 25519 DHE 253
Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve 25519 DHE 253
Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve 25519 DHE 253
Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve 25519 DHE 253
Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve 25519 DHE 253
Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve 25519 DHE 253
Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve 25519 DHE 253
Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve 25519 DHE 253
Accepted TLSv1.2 256 bits AES256-GCM-SHA384
Accepted TLSv1.2 256 bits AES256-CCM8
Accepted TLSv1.2 256 bits AES256-CCM
Accepted TLSv1.2 128 bits AES128-GCM-SHA256
Accepted TLSv1.2 128 bits AES128-CCM8
Accepted TLSv1.2 128 bits AES128-CCM
Accepted TLSv1.2 256 bits AES256-SHA256
Accepted TLSv1.2 128 bits AES128-SHA256
Accepted TLSv1.2 256 bits AES256-SHA
Accepted TLSv1.2 128 bits AES128-SHA
Accepted TLSv1.2 256 bits ARIA256-GCM-SHA384
Accepted TLSv1.2 128 bits ARIA128-GCM-SHA256
Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
Accepted TLSv1.2 256 bits CAMELLIA256-SHA
Accepted TLSv1.2 128 bits CAMELLIA128-SHA
Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve 25519 DHE 253
Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve 25519 DHE 253
Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve 25519 DHE 253
Accepted TLSv1.1 256 bits AES256-SHA
Accepted TLSv1.1 128 bits AES128-SHA
Accepted TLSv1.1 256 bits CAMELLIA256-SHA
Accepted TLSv1.1 128 bits CAMELLIA128-SHA
Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve 25519 DHE 253
Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve 25519 DHE 253
Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve 25519 DHE 253
Accepted TLSv1.0 256 bits AES256-SHA
Accepted TLSv1.0 128 bits AES128-SHA
Accepted TLSv1.0 256 bits CAMELLIA256-SHA
Accepted TLSv1.0 128 bits CAMELLIA128-SHA
Server Key Exchange Group(s):
TLSv1.2 128 bits secp256r1 (NIST P-256)
TLSv1.2 192 bits secp384r1 (NIST P-384)
TLSv1.2 260 bits secp521r1 (NIST P-521)
TLSv1.2 128 bits x25519
TLSv1.2 224 bits x448
Server Signature Algorithm(s):
TLSv1.2 rsa_pkcs1_sha1
TLSv1.2 rsa_pkcs1_sha224
TLSv1.2 rsa_pkcs1_sha256
TLSv1.2 rsa_pkcs1_sha384
TLSv1.2 rsa_pkcs1_sha512
TLSv1.2 rsa_pss_rsae_sha256
TLSv1.2 rsa_pss_rsae_sha384
TLSv1.2 rsa_pss_rsae_sha512
SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength: 2048
Subject: pkslow.com
Altnames: DNS:pkslow.com, DNS:www.pkslow.com
Issuer: R3
Not valid before: Feb 1 11:09:56 2024 GMT
Not valid after: May 1 11:09:55 2024 GMT
nmap
Nmap 是非常好有的网络工具:
$ nmap -Pn --script ssl-enum-ciphers -p 443 www.pkslow.com
Starting Nmap 7.70 ( https://nmap.org ) at 2024-03-15 19:14 CST
Nmap scan report for www.pkslow.com (119.23.215.59)
Host is up (0.0031s latency).
PORT STATE SERVICE
443/tcp open https
| ssl-enum-ciphers:
| TLSv1.0:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (ecdh_x25519) - C
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: server
| warnings:
| 64-bit block cipher 3DES vulnerable to SWEET32 attack
| TLSv1.1:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (ecdh_x25519) - C
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: server
| warnings:
| 64-bit block cipher 3DES vulnerable to SWEET32 attack
| TLSv1.2:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (ecdh_x25519) - C
| TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CCM_8 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CCM (rsa 2048) - A
| TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CCM_8 (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CCM (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_ARIA_256_GCM_SHA384 (rsa 2048) - A
| TLS_RSA_WITH_ARIA_128_GCM_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: server
| warnings:
| 64-bit block cipher 3DES vulnerable to SWEET32 attack
|_ least strength: C
Nmap done: 1 IP address (1 host up) scanned in 2.95 seconds
Java ssltest
当然,我们还可以通过Java代码来完成测试。可以读取JVM所能提供的所有Cipher,然后一一做连接测试:
Host [www.pkslow.com] resolves to address [119.23.215.59]
Auto-detected client-supported protocols: [DTLSv1.0, DTLSv1.2, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3]
Testing server www.pkslow.com:443
Supported Protocol Cipher
Accepted TLSv1 TLS_RSA_WITH_AES_256_CBC_SHA
Accepted TLSv1 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Accepted TLSv1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Accepted TLSv1 TLS_RSA_WITH_AES_128_CBC_SHA
Accepted TLSv1 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Accepted TLSv1.1 TLS_RSA_WITH_AES_256_CBC_SHA
Accepted TLSv1.1 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Accepted TLSv1.1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Accepted TLSv1.1 TLS_RSA_WITH_AES_128_CBC_SHA
Accepted TLSv1.1 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Accepted TLSv1.2 TLS_RSA_WITH_AES_256_CBC_SHA
Accepted TLSv1.2 TLS_RSA_WITH_AES_256_CBC_SHA256
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Accepted TLSv1.2 TLS_RSA_WITH_AES_128_CBC_SHA256
Accepted TLSv1.2 TLS_RSA_WITH_AES_128_GCM_SHA256
Accepted TLSv1.2 TLS_RSA_WITH_AES_256_GCM_SHA384
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Accepted TLSv1.2 TLS_RSA_WITH_AES_128_CBC_SHA
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Given this client's capabilities ([DTLSv1.0, DTLSv1.2, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3]), the server prefers protocol=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
代码
代码请查看 GitHub.