Any good reason why the ssl test couldn't support non-standard ports?
Brian, is your question about SSL Labs? I will assume so.
My reason (back in the early days of SSL Labs) was that I just didn't want random people to use the service to poke arbitrary servers and ports. SSL Labs is designed to scan public services, and those have well defined ports. For the same reason, we don't accept IP addresses.
Thank-you. Yes this was in regards to the SSL Labs Server Test. I'm not sure how I posted into the wrong forum. (nor do I know how to move this thread)
I better understand your design goals now. I'm looking for a similar tool to learn more about my own implementation. I have just configured SSL on Apache to host a public ownCloud and had difficulty finding current, veted, recommendations for mod-SSL directives such as SSLCipherSuite which I think is responsible for the majority of the security profile.
For internal testing, I searched for SSL in the Knowledge Base and found the following QIDs that may help:
38174 SSL Certificate - Will Expire Soon Remote Discovery
General remote services 0 11/15/2011 01/29/2003
38173 SSL Certificate - Signature Verification Failed Vulnerability Remote Discovery
General remote services 9.4 05/22/2009 01/29/2003
38172 SSL Certificate - Improper Usage Vulnerability Remote Discovery
General remote services 5 04/30/2012 01/29/2003
38171 SSL Certificate - Server Public Key Too Small Remote Discovery
General remote services 5 08/03/2012 01/24/2003
38170 SSL Certificate - Subject Common Name Does Not Match Server FQDN Remote Discovery
General remote services 2.6 09/29/2008 01/24/2003
38169 SSL Certificate - Self-Signed Certificate Remote Discovery
General remote services 9.4 05/24/2009 01/24/2003
38168 SSL Certificate - Future Start Date Remote Discovery
General remote services 6.4 05/14/2009 01/24/2003
38167 SSL Certificate - Expired Remote Discovery
General remote services 6.4 04/16/2009 01/24/2003
38143 SSL Server Allows Cleartext Communication Vulnerability Remote Discovery
General remote services 5.4 08/05/2008 11/22/2002
38142 SSL Server Allows Anonymous Authentication Vulnerability Remote Discovery
General remote services 5.1 07/07/2008 11/22/2002
38141 SSL Server May Be Forced to Use Weak Encryption Vulnerability Remote Discovery
General remote services 5.4 07/12/2011 11/20/2002
38140 SSL Server Supports Weak Encryption Vulnerability Remote Discovery
General remote services 9 05/28/2009 11/19/2002
38139 SSL Server Has SSLv2 Enabled Vulnerability Remote Discovery
General remote services 4 05/09/2012 11/19/2002
Here's my recommendation for cipher suite configuration when using OpenSSL:
Retrieving data ...