text 检查给定主机名支持的SSL / TLS版本
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了text 检查给定主机名支持的SSL / TLS版本相关的知识,希望对你有一定的参考价值。
function Test-ServerSSLSupport {
[CmdletBinding()]
param(
[Parameter(Mandatory = $true, ValueFromPipeline = $true)]
[ValidateNotNullOrEmpty()]
[string]$HostName,
[UInt16]$Port = 443
)
process {
$RetValue = New-Object psobject -Property @{
Host = $HostName
Port = $Port
SSLv2 = $false
SSLv3 = $false
TLSv1_0 = $false
TLSv1_1 = $false
TLSv1_2 = $false
KeyExhange = $null
HashAlgorithm = $null
}
"ssl2", "ssl3", "tls", "tls11", "tls12" | %{
$TcpClient = New-Object Net.Sockets.TcpClient
$TcpClient.Connect($RetValue.Host, $RetValue.Port)
$SslStream = New-Object Net.Security.SslStream $TcpClient.GetStream()
$SslStream.ReadTimeout = 15000
$SslStream.WriteTimeout = 15000
try {
$SslStream.AuthenticateAsClient($RetValue.Host,$null,$_,$false)
$RetValue.KeyExhange = $SslStream.KeyExchangeAlgorithm
$RetValue.HashAlgorithm = $SslStream.HashAlgorithm
$status = $true
} catch {
$status = $false
}
switch ($_) {
"ssl2" {$RetValue.SSLv2 = $status}
"ssl3" {$RetValue.SSLv3 = $status}
"tls" {$RetValue.TLSv1_0 = $status}
"tls11" {$RetValue.TLSv1_1 = $status}
"tls12" {$RetValue.TLSv1_2 = $status}
}
# dispose objects to prevent memory leaks
$TcpClient.Dispose()
$SslStream.Dispose()
}
$RetValue
}
}
Test-ServerSSLSupport
以上是关于text 检查给定主机名支持的SSL / TLS版本的主要内容,如果未能解决你的问题,请参考以下文章
SSL与TLS原理(未完成)
SSL与TLS原理(未完成)
SECURITY 03: 邮件服务TLS/SSL 总结和答疑 CA数字证书服务
SSL/TLS深度解析--测试TLS/SSL加密
TLS(SSL)
JAVA 6 不支持 SNI,还有其他方法可以通过 TLS 验证和接受 SSL 证书吗?