• SSL Labs Known Issues & SSL Labs IP Source IP Addresses

    This page documents the known issues with the SSL Labs code running in production (i.e., www.ssllabs.com).   If your issue is listed as fixed in the latest development version, check it at: https://dev.ssllabs.c...
    Ivan Ristić
    last modified by Robert Dell'Immagine
  • SSL Labs Changelog

    Version 2.1.4Released to production on 16th April 2020   Fixes GitHub: False positive on Windows IIS server for Zombie Poodle/ GOLDENDOODLE (#741, #778) First assessment through API gives the curre...
    Ivan Ristić
    last modified by Nayan Kakati
  • SSL Labs: Read This First

    Bugs and Known Issues You'll find a record of known issues on this page. Please report new problems here. Please don't use the issue tracker to report suggestions about grading changes.   Commonly Requested Featu...
    Ivan Ristić
    last modified by Robert Dell'Immagine
  • SSL Labs Grading 2018

    Preview 2 (Jan 2018) IntroductionSSL Labs first launched in 2009, its main goal being to provide comprehensive diagnostics of SSL/TLS and PKI configuration issues. However, the project also provided a way to measure ...
    Bhushan Lokhande
    last modified by Bhushan Lokhande
  • Explanation of chain issues in SSL Labs tests

    One of the recent additions to the SSL Labs test was the detection of various chain issues. The feature is still marked as experimental, and it will remain so until we conclude that the advice we give there is safe. &...
    Ivan Ristić
    last modified by Ivan Ristić
  • POODLE Bites TLS

    For more information, please go here.
    Ivan Ristić
    last modified by Ivan Ristić
  • SSL Server Test site (BEAST detection)

    Hi!   May i know the criteria when the website be detect as BEAST vulnerable?   Is it possible pass the testing with openssl1.0.0k&apache2.2 without TLS1.1/TLS1.2 and not change the SSLCipherSuite with...
    weicheng
    last modified by weicheng
  • How to resolve SSL 2.0 Insecure?

    Hi   We are new to this. We have this latest report and we wonder how to fix it? Do we need to fix it at all as we have been told no one is using SSL 2.0? Thanks   Protocols TLS 1.2 No TLS 1.1 No TLS 1...
    developer0
    last modified by steve
  • What does "SSL 2.0+ Upgrade Support" in SSL Labs test mean?

    In every SSL (or TLS) connection, before data can be safely sent over the channel, the parties must perform a handshake to agree on common encryption parameters. There are two handshake formats: the original format us...
    Ivan Ristić
    last modified by Ivan Ristić