cipher

Linux: using nmap to check the secure protocols and ciphers of a site

While enabling HTTPS is a important step in securing your web application, it is critical that you take steps to disable legacy protocols and low strength ciphers that can circumvent the very security you are attempting to implement. The Qualys SSL test is popular for grading the overall security of a public site, but you Linux: using nmap to check the secure protocols and ciphers of a site

PingIdentity: Disabling SSLv3 and weak ciphers for PingFederate

The PingFederate server provides best-in-class Identity Management and SSO.  However, due to US laws governing export of cryptography, the default SSL protocols and cipher suites need to be configured to harden the solution. Below are the steps involved with making these post-installation changes.

OpenSSL: Using OpenSSL to enumerate protocols and ciphers in use by web applications

Update Feb 2023: enumerating the secure protocols and ciphers of a remote site can be done more efficiently by nmap, as described in my other article here. While enabling HTTPS is a important step in securing your web application, it is critical that you take steps to disable legacy protocols and low strength ciphers that OpenSSL: Using OpenSSL to enumerate protocols and ciphers in use by web applications