AnsweredAssumed Answered

Handshake with Chrome?

Question asked by patrikloehr on Aug 23, 2013
Latest reply on Aug 26, 2013 by patrikloehr

Hello Qualys,


i'm wondering if you released a new version of the SSL Server Test and if there is probably a failure in it regarding the handshake simulation with Chrome29/Win7? Because now -without a change on our server- it shows we are not supporting PFS for Chrome29/Win7, what it showed the opposite several days before. When i use a real Chrome29 with Windows 7, it shows it uses TLS1.2 with AES_256_CBC and DHE_RSA-Key Exchange - so this is with support for PFS.

Can you perhaps explain the difference between handshake simulation and real experience or correct the test?


Another thing i was wondering: The test shows now, we are vulnerable for BEAST. Thats strange, because some days ago, we were not - like i said, we did not change a thing on our server...


Thanks an best regards,