| ▲ | crote 6 hours ago | |
Is there a well-maintained alternative to SSL Labs you can recommend? | ||
| ▲ | ivanr 6 hours ago | parent | next [-] | |
Yes, there is! After I left SSL Labs, I built Hardenize, which was an attempt to go wider and handle more of network configuration, not just TLS and PKI. It covers a range of standards, from DNS, over email, TLS and PKI, and application security. Although Hardenize was a commercial product (it was acquired in 2022 by another company, Red Sift), it has a public report that's always been free. For example: https://www.hardenize.com/report/feistyduck.com The CSP inspection in Hardenize could use a refresh, but the TLS and PKI aspects are well maintained [at the time of writing]. | ||
| ▲ | Bender 5 hours ago | parent | prev [-] | |
I use testssl.sh [1] mostly because I can test things not publicly accessible. | ||