testssl.sh | Testing TLS/SSL encryption anywhere on any port | TLS library

This question is closely related to one I asked yesterday, but my diagnostic information is different enough that I thought I'd update and resubmit: let me know if I should delete one of these.

I have a toy GRPC server written in .NET core that I need to connect to using a client using the grpc C core.

You can find the Startup.cs and Program.cs for the .net core server here. Nothing too interesting, except a call to UseHttps. I've verified the server works by connecting to it (over https) from a .net core client.

However I've tried to connect to this server from clients written in both C++ and python now, and the result is a GRPC error 14 and the following message on the client side

In OpenSSL 1.0.2 we have used the ssl3_get_cipher_by_id() function found in s3_lib.c to obtain a cipher suite (SSL_CIPHER*) using the IANA ID.

For example, the ID 0x00,0x2F would give us the TLS_RSA_WITH_AES_128_CBC_SHA cipher suite as an SSL_CIPHER struct.

However, this function is not listed in the OpenSSL documentation from 1.0.2 and above, and while the function is still available in 1.1.1 it does not seem to work for newer cipher suites, e.g. returning NULL for both of these:

I have created a PHP secure websocket (wss) server using php React and Ratchet. I only have a self signed certificate, because I am currently only trying to use my server as a backend for an app, and so I don't need a domain name, as it's only for the app to access, not for people to access directly, and so it seems a waste of money to have to subscribe to a domain name just for that, and I would need a domain name before getting a trusted ssl certificate, and I own the server anyway. That being said, here is my code in

secure-socket-server.php:

I'm currently working on setting up automatized pentest reporting. The scripts I set up perform TLS and other security checks to see if the application is secure in these aspects yes or no. Currently use the testssl.sh application (which can be found here: https://testssl.sh/) to perform these checks. I then output the findings to a csv file and created a script that greps the file in question and based on what is found, he will mention something is wrong or is correct. Seeing as I have performed a check and all values were correct, I apply invert greps to say that whenever the value cannot be found in the file, then he needs to perform a certain action.

At first I thought the script I was working on was working, however, when testing another site, the output generated is not correct. Things that are missing should be mentioned, however, when I invert grep only one term without placing OR statements in between the large amounts of things that need to be checked it seems to work.

I have tried all sorts of grep types to get a constant output, but no luck so far. So far, I have tried the following:

I have an instance of RabbitMQ 3.7.7-management image running. It has the rabbitmq-management plugin enabled and configured to use HTTPS as per the documentation:

We're using the Text-finder Plugin in our installation. I created a job that runs the testssh.sh script that tests for SSL vulnerability and it produces an output like...

I have a file containing 1 000 000 domain names and I'm currently launching the script testssl.sh (http://testssl.sh) on each domain of the list (i.e each line of the file). I'm using GNU parallel to improve performance. Here is how I launch testssl.sh with GNU parallel :