Hacker News new | ask | show | jobs
by ivanr 103 days ago
Thanks! Sadly, SSL Labs doesn't appear to be actively maintained. I've noticed increasing gaps in its coverage and inspection quality. I left quite a while ago (2016) and can't influence its grading any more, sadly.
1 comments
crote 103 days ago
Is there a well-maintained alternative to SSL Labs you can recommend?
link
ivanr 103 days ago
Yes, there is! After I left SSL Labs, I built Hardenize, which was an attempt to go wider and handle more of network configuration, not just TLS and PKI. It covers a range of standards, from DNS, over email, TLS and PKI, and application security.

Although Hardenize was a commercial product (it was acquired in 2022 by another company, Red Sift), it has a public report that's always been free. For example:

https://www.hardenize.com/report/feistyduck.com

The CSP inspection in Hardenize could use a refresh, but the TLS and PKI aspects are well maintained [at the time of writing].

link
Bender 103 days ago
I use testssl.sh [1] mostly because I can test things not publicly accessible.

[1] - https://github.com/testssl/testssl.sh

link