SSL Labs Known Issues

Document created by Ivan Ristić on Jun 17, 2014Last modified by Nauman Akhtar Shah on Feb 20, 2020
Version 65Show Document
  • View in full screen mode

This page documents the known issues with the SSL Labs code running in production (i.e.,


If your issue is listed as fixed in the latest development version, check it at:


Report SSL Labs issues.


IP Addresses


We are using the following IP address ranges:

  • SSL Labs - (IPv4) & 2600:C02:1020:4202::/64 (IPv6)
  • SSL Pulse -
  • Development SSL Labs server - (IPv4) & 2001:4801:7827:102:93a4:e8aa:5bca:d1f (IPv6)




At present, SSL Labs has the following limitations:

  • SSL Labs currently uses Mozilla CA certificate store only. If the root is not there we report it as not trusted. A future SSL Labs version will report trust for each major root store separately.
  • Certificate trust is not checked in handshake simulation, we only perform TLS handshake.