diff --git a/docs/documentation/.buildinfo b/docs/documentation/.buildinfo index 8cc545c5..50304dbd 100644 --- a/docs/documentation/.buildinfo +++ b/docs/documentation/.buildinfo @@ -1,4 +1,4 @@ # Sphinx build info version 1 # This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done. -config: 7ed96ce74548bb7ceae0da1d5b1f50af +config: f71b8d947628f4c16f8ec17ec85934ab tags: 645f666f9bcd5a90fca523b33c5a78b7 diff --git a/docs/documentation/_static/documentation_options.js b/docs/documentation/_static/documentation_options.js index f9bbedc6..7cebf3b0 100644 --- a/docs/documentation/_static/documentation_options.js +++ b/docs/documentation/_static/documentation_options.js @@ -1,5 +1,5 @@ const DOCUMENTATION_OPTIONS = { - VERSION: '5.2.0', + VERSION: '6.0.0', LANGUAGE: 'en', COLLAPSE_INDEX: false, BUILDER: 'html', diff --git a/docs/documentation/available-scan-commands.html b/docs/documentation/available-scan-commands.html index dae3d56c..14baa54b 100644 --- a/docs/documentation/available-scan-commands.html +++ b/docs/documentation/available-scan-commands.html @@ -5,10 +5,10 @@ - Appendix: Scan Commands — SSLyze 5.2.0 documentation + Appendix: Scan Commands — SSLyze 6.0.0 documentation - + @@ -205,7 +205,7 @@

Result class
-class sslyze.CertificateDeploymentAnalysisResult(received_certificate_chain, leaf_certificate_subject_matches_hostname, leaf_certificate_has_must_staple_extension, leaf_certificate_is_ev, leaf_certificate_signed_certificate_timestamps_count, received_chain_contains_anchor_certificate, received_chain_has_valid_order, path_validation_results, verified_chain_has_sha1_signature, verified_chain_has_legacy_symantec_anchor, ocsp_response, ocsp_response_is_trusted)
+class sslyze.CertificateDeploymentAnalysisResult(received_certificate_chain, leaf_certificate_has_must_staple_extension, leaf_certificate_is_ev, leaf_certificate_signed_certificate_timestamps_count, received_chain_contains_anchor_certificate, received_chain_has_valid_order, path_validation_results, verified_chain_has_sha1_signature, verified_chain_has_legacy_symantec_anchor, ocsp_response, ocsp_response_is_trusted)

The result of analyzing a server’s certificate to verify its validity.

Any certificate available within the fields that follow is parsed as a Certificate object using the cryptography module; documentation is available at @@ -230,15 +230,10 @@

Result classpath_validation_results

The result of validating the server’s certificate chain using each trust store that is packaged with SSLyze (Mozilla, Apple, etc.). -If for a given trust store, the validation was successful, the verified certificate chain built by OpenSSL -can be retrieved from the PathValidationResult.

-
- -
-
-leaf_certificate_subject_matches_hostname
-

True if the leaf certificate’s Common Name or Subject Alternative -Names match the server’s hostname.

+If for a given trust store, the validation was successful, the verified certificate chain can be

+
+

retrieved from the PathValidationResult.

+
@@ -313,7 +308,6 @@

Result classParameters:

@@ -421,10 +415,14 @@

Result class
-verify_certificate_chain(certificate_chain_as_pem)
+verify_certificate_chain(certificate_chain_as_pem, server_hostname, validation_time=None)
Parameters:
-

certificate_chain_as_pem (List[str]) –

+
    +

  • certificate_chain_as_pem (List[str]) –

    • +

  • server_hostname (str) –

    • +

  • validation_time (Optional[datetime]) –

    • +
Return type:

PathValidationResult

@@ -943,7 +941,7 @@

HTTP Security Header

Result class

-class sslyze.HttpHeadersScanResult(http_request_sent, http_error_trace, http_path_redirected_to, strict_transport_security_header, expect_ct_header=None)
+class sslyze.HttpHeadersScanResult(http_request_sent, http_error_trace, http_path_redirected_to, strict_transport_security_header)

The result of testing a server for the presence of security-related HTTP headers.

Each HTTP header described below will be None if the server did not return a valid HTTP response, or if the server returned an HTTP response without the HTTP header.

@@ -972,13 +970,6 @@

Result class

The Strict-Transport-Security header returned by the server.

-
-
-expect_ct_header
-

DEPRECATED - will always be None. This is because the Expect-CT header has officially -been deprecated.

-
-
Parameters:
@@ -1025,39 +1015,6 @@

Result class

-
-
-class sslyze.ExpectCtHeader(max_age, report_uri, enforce)
-

An Expect-CT header parsed from a server’s HTTP response.

-
-
-max-age
-

The content of the max-age field.

-
- -
-
-report-uri
-

The content of report-uri field.

-
- -
-
-enforce
-

True if enforce directive is set.

-
- -
-
Parameters:
-
    -

  • max_age (Optional[int]) –

    • -

  • report_uri (Optional[str]) –

    • -

  • enforce (bool) –

    • -
-
-
-
-
@@ -1192,7 +1149,7 @@

Quick search

- ©Copyright 2023 Alban Diquet. + ©Copyright 2024 Alban Diquet. | Powered by Sphinx 7.2.6 diff --git a/docs/documentation/genindex.html b/docs/documentation/genindex.html index 1a8ee146..dda51a4f 100644 --- a/docs/documentation/genindex.html +++ b/docs/documentation/genindex.html @@ -4,10 +4,10 @@ - Index — SSLyze 5.2.0 documentation + Index — SSLyze 6.0.0 documentation - + @@ -132,8 +132,6 @@

E

  • ELLIPTIC_CURVES (sslyze.ScanCommand attribute)
  • EllipticCurve (class in sslyze) -
    • -
  • enforce (sslyze.ExpectCtHeader attribute)
    • @@ -240,8 +234,6 @@

    L

  • leaf_certificate_is_ev (sslyze.CertificateDeploymentAnalysisResult attribute)
  • leaf_certificate_signed_certificate_timestamps_count (sslyze.CertificateDeploymentAnalysisResult attribute) -
    • -
  • leaf_certificate_subject_matches_hostname (sslyze.CertificateDeploymentAnalysisResult attribute)
    • @@ -302,8 +294,6 @@

    O

      -
    • openssl_error_string (sslyze.PathValidationResult attribute) -
    • openssl_nid (sslyze.EllipticCurve attribute)
    • OpenSslCcsInjectionScanResult (class in sslyze) @@ -531,6 +521,8 @@

      U

      V

        +
      • verified_chain_has_sha1_signature (sslyze.CertificateDeploymentAnalysisResult attribute) +
      • verify_certificate_chain() (sslyze.TrustStore method)
      • version (sslyze.TrustStore attribute) @@ -638,7 +630,7 @@

        Quick search

        - ©Copyright 2023 Alban Diquet. + ©Copyright 2024 Alban Diquet. | Powered by Sphinx 7.2.6 diff --git a/docs/documentation/index.html b/docs/documentation/index.html index 2efefb02..38ffca25 100644 --- a/docs/documentation/index.html +++ b/docs/documentation/index.html @@ -5,10 +5,10 @@ - SSLyze — SSLyze 5.2.0 documentation + SSLyze — SSLyze 6.0.0 documentation - + @@ -32,7 +32,7 @@

        SSLyze

        -

        Release 5.2.0

        +

        Release 6.0.0

        https://pepy.tech/badge/sslyze https://img.shields.io/pypi/l/sslyze.svg https://img.shields.io/pypi/pyversions/sslyze.svg @@ -182,7 +182,7 @@

        Quick search

        - ©Copyright 2023 Alban Diquet. + ©Copyright 2024 Alban Diquet. | Powered by Sphinx 7.2.6 diff --git a/docs/documentation/json-output.html b/docs/documentation/json-output.html index cb104870..1df6df63 100644 --- a/docs/documentation/json-output.html +++ b/docs/documentation/json-output.html @@ -5,10 +5,10 @@ - Exporting and processing scan results in JSON — SSLyze 5.2.0 documentation + Exporting and processing scan results in JSON — SSLyze 6.0.0 documentation - + @@ -55,12 +55,12 @@

        Exporting results to JSON when using the APIdate_scans_completed: datetime, ) -> None: json_output = SslyzeOutputAsJson( - server_scan_results=[ServerScanResultAsJson.from_orm(result) for result in all_server_scan_results], + server_scan_results=[ServerScanResultAsJson.model_validate(result) for result in all_server_scan_results], invalid_server_strings=[], # Not needed here - specific to the CLI interface date_scans_started=date_scans_started, date_scans_completed=date_scans_completed, ) - json_output_as_str = json_output.json() # TODO(#617): Switch to model_dump_json() + json_output_as_str = json_output.model_dump_json() json_file_out.write_text(json_output_as_str)

        @@ -73,7 +73,7 @@

        Parsing the JSON outputresults_as_json = results_as_json_file.read_text() # These results can be parsed - parsed_results = SslyzeOutputAsJson.parse_raw(results_as_json) + parsed_results = SslyzeOutputAsJson.model_validate_json(results_as_json) # Making it easy to do post-processing and inspection of the results print("The following servers were scanned:") @@ -165,7 +165,7 @@

        Quick search

        - ©Copyright 2023 Alban Diquet. + ©Copyright 2024 Alban Diquet. | Powered by Sphinx 7.2.6 diff --git a/docs/documentation/objects.inv b/docs/documentation/objects.inv index 2946aae1..154b9bed 100644 Binary files a/docs/documentation/objects.inv and b/docs/documentation/objects.inv differ diff --git a/docs/documentation/py-modindex.html b/docs/documentation/py-modindex.html index f76cd5af..f9a4440c 100644 --- a/docs/documentation/py-modindex.html +++ b/docs/documentation/py-modindex.html @@ -4,10 +4,10 @@ - Python Module Index — SSLyze 5.2.0 documentation + Python Module Index — SSLyze 6.0.0 documentation - + @@ -110,7 +110,7 @@

        Quick search

        - ©Copyright 2023 Alban Diquet. + ©Copyright 2024 Alban Diquet. | Powered by Sphinx 7.2.6 diff --git a/docs/documentation/running-a-scan-in-python.html b/docs/documentation/running-a-scan-in-python.html index a55646d8..264cba2e 100644 --- a/docs/documentation/running-a-scan-in-python.html +++ b/docs/documentation/running-a-scan-in-python.html @@ -5,10 +5,10 @@ - Running a Scan in Python — SSLyze 5.2.0 documentation + Running a Scan in Python — SSLyze 6.0.0 documentation - + @@ -700,7 +700,7 @@

        Quick search

        - ©Copyright 2023 Alban Diquet. + ©Copyright 2024 Alban Diquet. | Powered by Sphinx 7.2.6 diff --git a/docs/documentation/search.html b/docs/documentation/search.html index 125fad76..9ba2abed 100644 --- a/docs/documentation/search.html +++ b/docs/documentation/search.html @@ -4,11 +4,11 @@ - Search — SSLyze 5.2.0 documentation + Search — SSLyze 6.0.0 documentation - + @@ -111,7 +111,7 @@

        Related Topics

        - ©Copyright 2023 Alban Diquet. + ©Copyright 2024 Alban Diquet. | Powered by Sphinx 7.2.6 diff --git a/docs/documentation/searchindex.js b/docs/documentation/searchindex.js index 262181d5..d5e6ef19 100644 --- a/docs/documentation/searchindex.js +++ b/docs/documentation/searchindex.js @@ -1 +1 @@ -Search.setIndex({"docnames": ["available-scan-commands", "index", "json-output", "running-a-scan-in-python"], "filenames": ["available-scan-commands.rst", "index.rst", "json-output.rst", "running-a-scan-in-python.rst"], "titles": ["Appendix: Scan Commands", "SSLyze", "Exporting and processing scan results in JSON", "Running a Scan in Python"], "terms": {"everi": [0, 3], "type": [0, 2, 3], "check": [0, 3], "sslyze": [0, 2, 3], "can": [0, 1, 2, 3], "run": 0, "against": [0, 3], "server": [0, 1, 2, 3], "etc": [0, 1], "i": [0, 1, 2, 3], "repres": [0, 3], "scancommand": [0, 1, 3], "which": [0, 3], "when": [0, 1, 3], "return": [0, 3], "specif": [0, 2, 3], "thi": [0, 2, 3], "page": [0, 1], "list": [0, 2, 3], "all": [0, 2, 3], "correspond": [0, 3], "avail": [0, 1, 2, 3], "current": 0, "releas": [0, 1], "For": 0, "an": [0, 3], "exampl": [0, 1], "how": [0, 1, 3], "via": [0, 3], "python": [0, 2], "api": [0, 3], "see": 0, "The": [0, 1, 2, 3], "follow": [0, 2, 3], "ar": [0, 1, 2, 3], "version": 0, "valu": [0, 3], "name": [0, 3], "none": [0, 2, 3], "modul": [0, 1, 3], "qualnam": [0, 3], "start": 0, "boundari": [0, 3], "certificate_info": [0, 2, 3], "session_resumpt": [0, 3], "ssl_2_0_cipher_suit": [0, 3], "ssl_3_0_cipher_suit": [0, 3], "tls_1_0_cipher_suit": [0, 3], "tls_1_1_cipher_suit": [0, 3], "tls_1_2_cipher_suit": [0, 3], "tls_1_3_cipher_suit": [0, 3], "tls_compress": [0, 3], "tls_1_3_early_data": [0, 3], "openssl_ccs_inject": [0, 3], "tls_fallback_scsv": [0, 3], "session_renegoti": [0, 3], "http_header": [0, 3], "elliptic_curv": [0, 3], "next": 0, "section": [0, 2], "describ": [0, 2, 3], "each": [0, 3], "retriev": [0, 3], "analyz": [0, 1], "": [0, 1, 3], "verifi": 0, "its": 0, "valid": 0, "certificateinfoextraargu": 0, "custom_ca_fil": 0, "addit": 0, "configur": [0, 1, 3], "path": [0, 2, 3], "custom": 0, "trust": 0, "store": 0, "file": [0, 2, 3], "us": [0, 3], "should": [0, 3], "contain": [0, 2, 3], "pem": [0, 3], "format": [0, 3], "root": 0, "paramet": [0, 3], "certificateinfoscanresult": 0, "hostname_used_for_server_name_ind": 0, "certificate_deploy": [0, 2, 3], "hostnam": [0, 2, 3], "sent": 0, "indic": [0, 3], "extens": [0, 3], "A": [0, 2, 3], "leaf": [0, 2], "detect": [0, 1, 3], "analysi": 0, "most": 0, "onli": [0, 3], "deploi": [0, 3], "one": [0, 3], "some": [0, 3], "websit": 0, "facebook": [0, 2], "differ": 0, "depend": 0, "client": 0, "wai": 0, "maxim": 0, "compat": 0, "older": 0, "devic": 0, "str": [0, 3], "certificatedeploymentanalysisresult": 0, "received_certificate_chain": [0, 2, 3], "leaf_certificate_subject_matches_hostnam": 0, "leaf_certificate_has_must_staple_extens": 0, "leaf_certificate_is_ev": 0, "leaf_certificate_signed_certificate_timestamps_count": 0, "received_chain_contains_anchor_certif": 0, "received_chain_has_valid_ord": 0, "path_validation_result": 0, "verified_chain_has_sha1_signatur": 0, "verified_chain_has_legacy_symantec_anchor": 0, "ocsp_respons": 0, "ocsp_response_is_trust": 0, "ani": [0, 1], "within": [0, 3], "field": [0, 2, 3], "pars": [0, 1, 3], "object": [0, 2, 3], "cryptographi": 0, "document": 0, "io": 0, "en": 0, "latest": 0, "x509": 0, "refer": 0, "html": 0, "highlight": 0, "chain": 0, "index": [0, 1], "0": [0, 1, 2, 3], "verified_certificate_chain": 0, "packag": 0, "Will": 0, "fail": [0, 2, 3], "appl": 0, "mozilla": 0, "essenti": 0, "shortcut": 0, "path_validation_result_list": 0, "If": [0, 3], "given": [0, 3], "wa": [0, 3], "success": 0, "built": 0, "from": [0, 3], "pathvalidationresult": 0, "true": 0, "common": 0, "subject": [0, 3], "altern": 0, "match": 0, "extend": 0, "accord": 0, "ocsp": 0, "must": 0, "stapl": 0, "present": 0, "number": [0, 3], "sign": 0, "timestamp": 0, "sct": 0, "transpar": 0, "embed": 0, "instal": 0, "system": 0, "too": 0, "old": 0, "abl": [0, 3], "right": 0, "order": [0, 1, 3], "could": [0, 3], "includ": [0, 3], "anchor": 0, "send": [0, 3], "back": 0, "intermedi": 0, "sha": 0, "algorithm": 0, "distrust": 0, "symantec": 0, "blog": 0, "quali": 0, "com": [0, 2, 3], "ssllab": 0, "2017": 0, "09": 0, "26": 0, "googl": [0, 2, 3], "deprec": 0, "exist": 0, "respons": [0, 3], "through": [0, 3], "proxi": [0, 3], "forward": 0, "ocsprespons": 0, "bool": [0, 3], "int": [0, 3], "trust_stor": 0, "openssl_error_str": 0, "try": [0, 3], "last": 0, "element": 0, "ca": 0, "x": 0, "509": 0, "string": 0, "function": 0, "was_validation_success": 0, "whether": [0, 3], "suppli": [0, 3], "truststor": 0, "ev_oid": 0, "set": [0, 1], "local": 0, "human": 0, "readabl": 0, "date": 0, "2016": 0, "objectidentifi": 0, "is_certificate_extended_valid": 0, "ev": 0, "verify_certificate_chain": 0, "certificate_chain_as_pem": 0, "test": [0, 1, 3], "ssl": [0, 1], "2": [0, 1, 3], "ciphersuitesscanresult": 0, "tls_version_us": 0, "accepted_cipher_suit": [0, 3], "rejected_cipher_suit": 0, "connect": [0, 1, 3], "accepted_ciph": 0, "both": 0, "rejected_ciph": 0, "were": [0, 2, 3], "reject": 0, "tlsversionenum": [0, 3], "ciphersuiteacceptedbyserv": 0, "ciphersuiterejectedbyserv": 0, "cipher_suit": [0, 3], "error_messag": 0, "ciphersuit": 0, "ephemeral_kei": 0, "ephemer": 0, "kei": [0, 3], "negoti": 0, "ec": 0, "dh": 0, "doe": 0, "ephemeralkeyinfo": 0, "size": 0, "public_byt": 0, "share": 0, "kind": [0, 3], "exchang": 0, "opensslevppkeyenum": 0, "bytearrai": 0, "is_anonym": 0, "key_siz": 0, "openssl_nam": 0, "ssl_2_0": 0, "ssl_3_0": 0, "tls_1_0": 0, "tls_1_1": 0, "4": 0, "tls_1_2": 0, "5": [0, 1, 3], "tls_1_3": 0, "6": 0, "supportedellipticcurvesscanresult": 0, "supports_ecdh_key_exchang": [0, 3], "supported_curv": 0, "rejected_curv": 0, "least": 0, "ecdh": 0, "ellipticcurv": 0, "accept": 0, "openssl_nid": 0, "ansi": 0, "x9": 0, "62": 0, "otherwis": 0, "secg": 0, "nid_xxx": 0, "obj_mac": 0, "h": 0, "vulner": [0, 1], "robotscanresult": 0, "robot_result": 0, "enum": 0, "provid": [0, 1, 2, 3], "robotscanresultenum": 0, "attempt": [0, 3], "exploit": 0, "issu": 0, "vulnerable_weak_oracl": 0, "attack": [0, 1], "would": 0, "take": 0, "long": 0, "vulnerable_strong_oracl": 0, "real": 0, "feasibl": 0, "not_vulnerable_no_oracl": 0, "rsa": 0, "act": 0, "oracl": 0, "not_vulnerable_rsa_not_support": 0, "unknown_inconsistent_result": 0, "determin": 0, "id": [0, 3], "ticket": 0, "tlsresumptionsupportenum": 0, "resum": 0, "fully_support": 0, "partially_support": 0, "not_support": 0, "server_is_tls_1_3_onli": 0, "nor": 0, "sessionresumptionsupportextraargu": 0, "number_of_resumptions_to_attempt": 0, "default": [0, 3], "higher": 0, "100": 0, "get": 0, "more": [0, 3], "accur": 0, "measur": 0, "often": 0, "succe": 0, "sessionresumptionsupportscanresult": 0, "session_id_resumption_result": 0, "session_id_attempted_resumptions_count": 0, "session_id_successful_resumptions_count": 0, "tls_ticket_resumption_result": 0, "tls_ticket_attempted_resumptions_count": 0, "tls_ticket_successful_resumptions_count": 0, "overal": 0, "total": 0, "compress": 0, "leverag": [0, 3], "perform": [0, 3], "compressionscanresult": 0, "supports_compress": 0, "therebi": [0, 2], "enabl": 0, "earlydatascanresult": 0, "supports_early_data": 0, "mechan": 0, "fallbackscsvscanresult": 0, "supports_fallback_scsv": 0, "heartbleedscanresult": 0, "is_vulnerable_to_heartble": 0, "presenc": 0, "relat": 0, "httpheadersscanresult": 0, "http_request_s": 0, "http_error_trac": 0, "http_path_redirected_to": 0, "strict_transport_security_head": 0, "expect_ct_head": 0, "below": 0, "did": 0, "without": [0, 3], "initi": 0, "request": [0, 3], "error": [0, 2, 3], "after": [0, 3], "receiv": 0, "subsequ": 0, "eventu": 0, "redirect": 0, "strict": 0, "transport": 0, "alwai": 0, "becaus": 0, "expect": [0, 3], "ct": 0, "ha": [0, 3], "offici": 0, "been": 0, "tracebackexcept": [0, 3], "stricttransportsecurityhead": 0, "max_ag": 0, "preload": 0, "include_subdomain": 0, "direct": [0, 3], "includesubdomain": 0, "max": 0, "ag": 0, "expectcthead": 0, "report_uri": 0, "enforc": 0, "report": 0, "uri": 0, "cve": 0, "2014": 0, "0224": 0, "opensslccsinjectionscanresult": 0, "is_vulnerable_to_ccs_inject": 0, "sessionrenegotiationscanresult": 0, "supports_secure_renegoti": 0, "is_vulnerable_to_client_renegotiation_do": 0, "accepts_client_renegoti": 0, "honor": 0, "fast": 1, "power": 1, "tl": 1, "tool": 1, "librari": 1, "ensur": [1, 3], "strong": 1, "encrypt": 1, "certif": [1, 2, 3], "cipher": [1, 3], "suit": [1, 3], "ellipt": 1, "curv": 1, "known": 1, "heartble": [1, 3], "robot": [1, 3], "openssl": [1, 3], "cc": 1, "inject": 1, "instruct": 1, "readm": 1, "give": 1, "full": 1, "access": 1, "engin": 1, "make": [1, 2, 3], "easi": [1, 2], "implement": 1, "part": 1, "continu": [1, 2, 3], "secur": 1, "platform": 1, "misconfigur": 1, "across": 1, "rang": 1, "public": 1, "intern": 1, "endpoint": 1, "overview": 1, "class": [1, 2], "serial": [1, 2, 3], "further": [1, 2], "also": [1, 2], "helper": [1, 2], "separ": [1, 2], "program": [1, 2], "cli": 1, "output": 1, "inform": [1, 3], "support": [1, 3], "session": 1, "resumpt": 1, "crime": 1, "1": [1, 3], "3": [1, 3], "earli": 1, "data": 1, "downgrad": 1, "prevent": 1, "http": [1, 3], "header": 1, "insecur": 1, "renegoti": 1, "search": 1, "schema": 2, "code": [2, 3], "repositori": 2, "json_output_schema": 2, "json_out": 2, "option": [2, 3], "m": 2, "www": 2, "gener": 2, "sslyzeoutputasjson": 2, "from_orm": 2, "method": [2, 3], "def": [2, 3], "example_json_result_output": [2, 3], "json_file_out": [2, 3], "all_server_scan_result": [2, 3], "serverscanresult": [2, 3], "date_scans_start": [2, 3], "datetim": [2, 3], "date_scans_complet": 2, "json_output": 2, "server_scan_result": [2, 3], "serverscanresultasjson": 2, "invalid_server_str": 2, "Not": 2, "need": [2, 3], "here": 2, "interfac": 2, "json_output_as_str": 2, "todo": 2, "617": 2, "switch": 2, "model_dump_json": 2, "write_text": 2, "from_fil": 2, "example_json_result_pars": [2, 3], "results_as_json_fil": 2, "save": [2, 3], "results_as_json": 2, "read_text": 2, "These": 2, "parsed_result": 2, "parse_raw": 2, "do": [2, 3], "post": 2, "inspect": 2, "print": [2, 3], "f": [2, 3], "n": [2, 3], "server_loc": [2, 3], "port": [2, 3], "scan_statu": [2, 3], "serverscanstatusenum": [2, 3], "error_no_connect": [2, 3], "That": 2, "connectivity_error_trac": [2, 3], "assert": [2, 3], "scan_result": [2, 3], "certinfo_attempt": [2, 3], "statu": [2, 3], "scancommandattemptstatusenum": [2, 3], "_print_failed_scan_command_attempt": [2, 3], "ignor": 2, "els": 2, "certinfo_result": [2, 3], "cert_deploy": [2, 3], "sha1": 2, "fingerprint_sha1": 2, "annot": [2, 3], "easier": [2, 3], "autom": 3, "fashion": 3, "allow": 3, "v": 3, "pycharm": 3, "auto": 3, "import": 3, "complet": 3, "sure": 3, "significantli": 3, "To": 3, "serverscanrequest": 3, "about": 3, "all_scan_request": 3, "servernetworkloc": 3, "cloudflar": 3, "except": 3, "serverhostnamecouldnotberesolv": 3, "handl": 3, "bad": 3, "input": 3, "ie": 3, "invalid": 3, "resolv": 3, "detail": 3, "argument": 3, "ip": 3, "address": 3, "network": 3, "network_configur": 3, "non": 3, "scan_command": 3, "By": 3, "onc": 3, "attribut": 3, "command": 3, "appendix": 3, "Then": 3, "pass": 3, "scanner": 3, "queue_scan": 3, "pool": 3, "worker": 3, "concurr": 3, "ing": 3, "lastli": 3, "get_result": 3, "iter": 3, "soon": 3, "coupl": 3, "main": 3, "utcnow": 3, "first": 3, "creat": 3, "we": 3, "want": 3, "queue": 3, "And": 3, "append": 3, "No": 3, "weren": 3, "t": 3, "nerror": 3, "sinc": 3, "popul": 3, "ssl2_attempt": 3, "happen": 3, "elif": 3, "successfulli": 3, "ssl2_result": 3, "naccept": 3, "tls1_3_attempt": 3, "tls1_3_result": 3, "info": 3, "nleaf": 3, "leaf_cert": 3, "public_kei": 3, "__class__": 3, "__name__": 3, "rfc4514_string": 3, "serial_numb": 3, "other": 3, "json": 3, "api_sample_result": 3, "them": 3, "factori": 3, "scan_commands_extra_argu": 3, "uuid": 3, "servernetworkconfigur": 3, "scancommandsextraargu": 3, "extra": 3, "443": 3, "ip_address": 3, "http_proxy_set": 3, "connection_typ": 3, "either": 3, "directli": 3, "automat": 3, "lookup": 3, "tunnel": 3, "look": 3, "up": 3, "httpproxyset": 3, "per_server_concurrent_connections_limit": 3, "concurrent_server_scans_limit": 3, "observ": 3, "sequenc": 3, "scannerobserv": 3, "tls_server_name_ind": 3, "tls_opportunistic_encrypt": 3, "tls_client_auth_credenti": 3, "xmpp_to_hostnam": 3, "network_timeout": 3, "network_max_retri": 3, "fine": 3, "grain": 3, "control": 3, "tls_wrapped_protocol": 3, "protocol": 3, "wrap": 3, "It": 3, "figur": 3, "out": 3, "establish": 3, "what": 3, "hello": 3, "messag": 3, "smtp": 3, "xmpp": 3, "handshak": 3, "standard": 3, "privat": 3, "mutual": 3, "stream": 3, "timeout": 3, "second": 3, "retri": 3, "protocolwithopportunistictlsenum": 3, "clientauthenticationcredenti": 3, "plaintext": 3, "opportunist": 3, "upgrad": 3, "xmpp_server": 3, "ftp": 3, "pop3": 3, "ldap": 3, "imap": 3, "rdp": 3, "postgr": 3, "classmethod": 3, "from_default_port": 3, "certificate_chain_path": 3, "key_path": 3, "key_password": 3, "key_typ": 3, "opensslfiletypeenum": 3, "everyth": 3, "password": 3, "decrypt": 3, "constant": 3, "map": 3, "ssl_filetype_xxx": 3, "asn1": 3, "connectivity_statu": 3, "connectivity_result": 3, "NOT": 3, "serverconnectivitystatusenum": 3, "servertlsprobingresult": 3, "allscancommandsattempt": 3, "highest_tls_version_support": 3, "cipher_suite_support": 3, "client_auth_requir": 3, "clientauthrequirementenum": 3, "certificateinfoscanattempt": 3, "ciphersuitesscanattempt": 3, "compressionscanattempt": 3, "earlydatascanattempt": 3, "opensslccsinjectionscanattempt": 3, "fallbackscsvscanattempt": 3, "heartbleedscanattempt": 3, "robotscanattempt": 3, "sessionrenegotiationscanattempt": 3, "sessionresumptionsupportscanattempt": 3, "supportedellipticcurvesscanattempt": 3, "httpheadersscanattempt": 3, "scancommandattempt": 3, "error_reason": 3, "error_trac": 3, "singl": 3, "ran": 3, "reason": 3, "why": 3, "succeed": 3, "trace": 3, "actual": 3, "scanresult": 3, "scancommanderrorreasonenum": 3, "typevar": 3, "_scancommandresulttypevar": 3, "bug_in_sslyz": 3, "client_certificate_need": 3, "connectivity_issu": 3, "wrong_usag": 3}, "objects": {"": [[0, 0, 0, "-", "sslyze"]], "sslyze": [[3, 1, 1, "", "AllScanCommandsAttempts"], [0, 1, 1, "", "CertificateDeploymentAnalysisResult"], [0, 1, 1, "", "CertificateInfoExtraArgument"], [0, 1, 1, "", "CertificateInfoScanResult"], [0, 1, 1, "", "CipherSuite"], [0, 1, 1, "", "CipherSuiteAcceptedByServer"], [0, 1, 1, "", "CipherSuiteRejectedByServer"], [0, 1, 1, "", "CipherSuitesScanResult"], [3, 1, 1, "", "ClientAuthenticationCredentials"], [0, 1, 1, "", "CompressionScanResult"], [0, 1, 1, "", "EarlyDataScanResult"], [0, 1, 1, "", "EllipticCurve"], [0, 1, 1, "", "EphemeralKeyInfo"], [0, 1, 1, "", "ExpectCtHeader"], [0, 1, 1, "", "FallbackScsvScanResult"], [0, 1, 1, "", "HeartbleedScanResult"], [0, 1, 1, "", "HttpHeadersScanResult"], [0, 1, 1, "", "OpenSslCcsInjectionScanResult"], [3, 1, 1, "", "OpenSslFileTypeEnum"], [0, 1, 1, "", "PathValidationResult"], [3, 1, 1, "", "ProtocolWithOpportunisticTlsEnum"], [0, 1, 1, "", "RobotScanResult"], [0, 1, 1, "", "RobotScanResultEnum"], [0, 1, 1, "", "ScanCommand"], [3, 1, 1, "", "ScanCommandAttempt"], [3, 1, 1, "", "ScanCommandErrorReasonEnum"], [3, 1, 1, "", "Scanner"], [3, 1, 1, "", "ServerConnectivityStatusEnum"], [3, 1, 1, "", "ServerNetworkConfiguration"], [3, 1, 1, "", "ServerNetworkLocation"], [3, 1, 1, "", "ServerScanRequest"], [3, 1, 1, "", "ServerScanResult"], [3, 1, 1, "", "ServerScanStatusEnum"], [3, 1, 1, "", "ServerTlsProbingResult"], [0, 1, 1, "", "SessionRenegotiationScanResult"], [0, 1, 1, "", "SessionResumptionSupportExtraArgument"], [0, 1, 1, "", "SessionResumptionSupportScanResult"], [0, 1, 1, "", "StrictTransportSecurityHeader"], [0, 1, 1, "", "SupportedEllipticCurvesScanResult"], [0, 1, 1, "", "TlsResumptionSupportEnum"], [0, 1, 1, "", "TlsVersionEnum"], [0, 1, 1, "", "TrustStore"]], "sslyze.CertificateDeploymentAnalysisResult": [[0, 2, 1, "", "leaf_certificate_has_must_staple_extension"], [0, 2, 1, "", "leaf_certificate_is_ev"], [0, 2, 1, "", "leaf_certificate_signed_certificate_timestamps_count"], [0, 2, 1, "", "leaf_certificate_subject_matches_hostname"], [0, 2, 1, "", "ocsp_response"], [0, 2, 1, "", "ocsp_response_is_trusted"], [0, 2, 1, "", "path_validation_results"], [0, 2, 1, "", "received_certificate_chain"], [0, 2, 1, "", "received_chain_contains_anchor_certificate"], [0, 2, 1, "", "received_chain_has_valid_order"], [0, 2, 1, "", "verified_certificate_chain"], [0, 2, 1, "", "verified_chain_has_legacy_symantec_anchor"], [0, 2, 1, "", "verified_chain_has_sha1_signature"]], "sslyze.CertificateInfoExtraArgument": [[0, 2, 1, "", "custom_ca_file"]], "sslyze.CertificateInfoScanResult": [[0, 2, 1, "", "certificate_deployments"], [0, 2, 1, "", "hostname_used_for_server_name_indication"]], "sslyze.CipherSuitesScanResult": [[0, 2, 1, "", "accepted_ciphers"], [0, 2, 1, "", "rejected_ciphers"], [0, 2, 1, "", "tls_version_used"]], "sslyze.ClientAuthenticationCredentials": [[3, 2, 1, "", "certificate_chain_path"], [3, 2, 1, "", "key_password"], [3, 2, 1, "", "key_path"], [3, 2, 1, "", "key_type"]], "sslyze.CompressionScanResult": [[0, 2, 1, "", "supports_compression"]], "sslyze.EarlyDataScanResult": [[0, 2, 1, "", "supports_early_data"]], "sslyze.EllipticCurve": [[0, 2, 1, "", "name"], [0, 2, 1, "", "openssl_nid"]], "sslyze.ExpectCtHeader": [[0, 2, 1, "", "enforce"]], "sslyze.FallbackScsvScanResult": [[0, 2, 1, "", "supports_fallback_scsv"]], "sslyze.HeartbleedScanResult": [[0, 2, 1, "", "is_vulnerable_to_heartbleed"]], "sslyze.HttpHeadersScanResult": [[0, 2, 1, "", "expect_ct_header"], [0, 2, 1, "", "http_error_trace"], [0, 2, 1, "", "http_path_redirected_to"], [0, 2, 1, "", "http_request_sent"], [0, 2, 1, "", "strict_transport_security_header"]], "sslyze.OpenSslCcsInjectionScanResult": [[0, 2, 1, "", "is_vulnerable_to_ccs_injection"]], "sslyze.OpenSslFileTypeEnum": [[3, 2, 1, "", "ASN1"], [3, 2, 1, "", "PEM"]], "sslyze.PathValidationResult": [[0, 2, 1, "", "openssl_error_string"], [0, 2, 1, "", "trust_store"], [0, 2, 1, "", "verified_certificate_chain"], [0, 2, 1, "", "was_validation_successful"]], "sslyze.ProtocolWithOpportunisticTlsEnum": [[3, 2, 1, "", "FTP"], [3, 2, 1, "", "IMAP"], [3, 2, 1, "", "LDAP"], [3, 2, 1, "", "POP3"], [3, 2, 1, "", "POSTGRES"], [3, 2, 1, "", "RDP"], [3, 2, 1, "", "SMTP"], [3, 2, 1, "", "XMPP"], [3, 2, 1, "", "XMPP_SERVER"], [3, 3, 1, "", "from_default_port"]], "sslyze.RobotScanResult": [[0, 2, 1, "", "result"]], "sslyze.RobotScanResultEnum": [[0, 2, 1, "id5", "NOT_VULNERABLE_NO_ORACLE"], [0, 2, 1, "id6", "NOT_VULNERABLE_RSA_NOT_SUPPORTED"], [0, 2, 1, "id7", "UNKNOWN_INCONSISTENT_RESULTS"], [0, 2, 1, "id4", "VULNERABLE_STRONG_ORACLE"], [0, 2, 1, "id0", "VULNERABLE_WEAK_ORACLE"]], "sslyze.ScanCommand": [[0, 2, 1, "", "CERTIFICATE_INFO"], [0, 2, 1, "", "ELLIPTIC_CURVES"], [0, 2, 1, "", "HEARTBLEED"], [0, 2, 1, "", "HTTP_HEADERS"], [0, 2, 1, "", "OPENSSL_CCS_INJECTION"], [0, 2, 1, "", "ROBOT"], [0, 2, 1, "", "SESSION_RENEGOTIATION"], [0, 2, 1, "", "SESSION_RESUMPTION"], [0, 2, 1, "", "SSL_2_0_CIPHER_SUITES"], [0, 2, 1, "", "SSL_3_0_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_0_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_1_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_2_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_3_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_3_EARLY_DATA"], [0, 2, 1, "", "TLS_COMPRESSION"], [0, 2, 1, "", "TLS_FALLBACK_SCSV"]], "sslyze.ScanCommandAttempt": [[3, 2, 1, "", "error_reason"], [3, 2, 1, "", "error_trace"], [3, 2, 1, "", "result"], [3, 2, 1, "", "status"]], "sslyze.ScanCommandErrorReasonEnum": [[3, 2, 1, "", "BUG_IN_SSLYZE"], [3, 2, 1, "", "CLIENT_CERTIFICATE_NEEDED"], [3, 2, 1, "", "CONNECTIVITY_ISSUE"], [3, 2, 1, "", "WRONG_USAGE"]], "sslyze.ServerNetworkConfiguration": [[3, 2, 1, "", "network_max_retries"], [3, 2, 1, "", "network_timeout"], [3, 2, 1, "", "tls_client_auth_credentials"], [3, 2, 1, "", "tls_server_name_indication"], [3, 2, 1, "", "tls_wrapped_protocol"], [3, 2, 1, "", "xmpp_to_hostname"]], "sslyze.ServerNetworkLocation": [[3, 2, 1, "", "connection_type"], [3, 2, 1, "", "hostname"], [3, 2, 1, "", "http_proxy_settings"], [3, 2, 1, "", "ip_address"], [3, 2, 1, "", "port"]], "sslyze.ServerScanResult": [[3, 2, 1, "", "connectivity_error_trace"], [3, 2, 1, "", "connectivity_result"], [3, 2, 1, "", "connectivity_status"], [3, 2, 1, "", "network_configuration"], [3, 2, 1, "", "scan_result"], [3, 2, 1, "", "scan_status"], [3, 2, 1, "", "server_location"], [3, 2, 1, "", "uuid"]], "sslyze.SessionRenegotiationScanResult": [[0, 2, 1, "", "accepts_client_renegotiation"], [0, 2, 1, "", "supports_secure_renegotiation"]], "sslyze.SessionResumptionSupportExtraArgument": [[0, 2, 1, "", "number_of_resumptions_to_attempt"]], "sslyze.SessionResumptionSupportScanResult": [[0, 2, 1, "", "session_id_attempted_resumptions_count"], [0, 2, 1, "", "session_id_resumption_result"], [0, 2, 1, "", "session_id_successful_resumptions_count"], [0, 2, 1, "", "tls_ticket_attempted_resumptions_count"], [0, 2, 1, "", "tls_ticket_resumption_result"], [0, 2, 1, "", "tls_ticket_successful_resumptions_count"]], "sslyze.StrictTransportSecurityHeader": [[0, 2, 1, "", "include_subdomains"], [0, 2, 1, "", "max_age"], [0, 2, 1, "", "preload"]], "sslyze.SupportedEllipticCurvesScanResult": [[0, 2, 1, "", "rejected_curves"], [0, 2, 1, "", "supported_curves"], [0, 2, 1, "", "supports_ecdh_key_exchange"]], "sslyze.TlsResumptionSupportEnum": [[0, 2, 1, "", "FULLY_SUPPORTED"], [0, 2, 1, "", "NOT_SUPPORTED"], [0, 2, 1, "", "PARTIALLY_SUPPORTED"], [0, 2, 1, "", "SERVER_IS_TLS_1_3_ONLY"]], "sslyze.TlsVersionEnum": [[0, 2, 1, "", "SSL_2_0"], [0, 2, 1, "", "SSL_3_0"], [0, 2, 1, "", "TLS_1_0"], [0, 2, 1, "", "TLS_1_1"], [0, 2, 1, "", "TLS_1_2"], [0, 2, 1, "", "TLS_1_3"]], "sslyze.TrustStore": [[0, 3, 1, "", "is_certificate_extended_validation"], [0, 2, 1, "", "name"], [0, 2, 1, "", "path"], [0, 3, 1, "", "verify_certificate_chain"], [0, 2, 1, "", "version"]]}, "objtypes": {"0": "py:module", "1": "py:class", "2": "py:attribute", "3": "py:method"}, "objnames": {"0": ["py", "module", "Python module"], "1": ["py", "class", "Python class"], "2": ["py", "attribute", "Python attribute"], "3": ["py", "method", "Python method"]}, "titleterms": {"appendix": [0, 1], "scan": [0, 1, 2, 3], "command": [0, 1], "content": [0, 1], "certif": 0, "inform": 0, "option": 0, "argument": 0, "result": [0, 1, 2, 3], "class": [0, 3], "cipher": 0, "suit": 0, "support": 0, "ellipt": 0, "curv": 0, "robot": 0, "session": 0, "resumpt": 0, "crime": 0, "tl": [0, 3], "1": 0, "3": 0, "earli": 0, "data": 0, "downgrad": 0, "prevent": 0, "heartble": 0, "http": 0, "secur": 0, "header": 0, "openssl": 0, "cc": 0, "inject": 0, "insecur": 0, "renegoti": 0, "sslyze": 1, "instal": 1, "quick": 1, "start": [1, 3], "run": [1, 3], "us": [1, 2], "python": [1, 3], "api": [1, 2], "export": [1, 2], "process": [1, 2, 3], "json": [1, 2], "indic": 1, "tabl": 1, "when": 2, "cli": 2, "pars": 2, "output": 2, "overview": 3, "full": 3, "exampl": 3, "addit": 3, "set": 3, "starttl": 3, "sni": 3, "etc": 3, "enabl": 3, "ssl": 3, "client": 3, "authent": 3}, "envversion": {"sphinx.domains.c": 3, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 9, "sphinx.domains.index": 1, "sphinx.domains.javascript": 3, "sphinx.domains.math": 2, "sphinx.domains.python": 4, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx": 60}, "alltitles": {"Appendix: Scan Commands": [[0, "appendix-scan-commands"], [1, "appendix-scan-commands"]], "Contents": [[0, "contents"], [1, "contents"]], "Certificate Information": [[0, "certificate-information"]], "Optional arguments": [[0, "optional-arguments"]], "Result class": [[0, "result-class"], [0, "id1"], [0, "id2"], [0, "id3"], [0, "id8"], [0, "id9"], [0, "id10"], [0, "id11"], [0, "id12"], [0, "id13"], [0, "id14"], [0, "id15"]], "Cipher Suites": [[0, "cipher-suites"]], "Supported Elliptic Curves": [[0, "supported-elliptic-curves"]], "ROBOT": [[0, "robot"]], "Session Resumption Support": [[0, "session-resumption-support"]], "CRIME": [[0, "crime"]], "TLS 1.3 Early Data": [[0, "tls-1-3-early-data"]], "Downgrade Prevention": [[0, "downgrade-prevention"]], "Heartbleed": [[0, "heartbleed"]], "HTTP Security Headers": [[0, "http-security-headers"]], "OpenSSL CCS Injection": [[0, "openssl-ccs-injection"]], "Insecure Renegotiation": [[0, "insecure-renegotiation"]], "SSLyze": [[1, "sslyze"]], "Installation & Quick Start": [[1, "installation-quick-start"]], "Running scans using the Python API": [[1, "running-scans-using-the-python-api"]], "Exporting and processing scan results in JSON": [[1, "exporting-and-processing-scan-results-in-json"], [2, "exporting-and-processing-scan-results-in-json"]], "Indices and tables": [[1, "indices-and-tables"]], "Exporting results to JSON when using the CLI": [[2, "exporting-results-to-json-when-using-the-cli"]], "Exporting results to JSON when using the API": [[2, "exporting-results-to-json-when-using-the-api"]], "Parsing the JSON output": [[2, "parsing-the-json-output"]], "Running a Scan in Python": [[3, "running-a-scan-in-python"]], "Overview": [[3, "overview"]], "Full Example": [[3, "full-example"]], "Classes for Starting a Scan": [[3, "classes-for-starting-a-scan"]], "Additional settings: StartTLS, SNI, etc.": [[3, "additional-settings-starttls-sni-etc"]], "Enabling SSL/TLS client authentication": [[3, "enabling-ssl-tls-client-authentication"]], "Classes for Processing Scan Results": [[3, "classes-for-processing-scan-results"]]}, "indexentries": {"certificate_info (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.CERTIFICATE_INFO"]], "certificatedeploymentanalysisresult (class in sslyze)": [[0, "sslyze.CertificateDeploymentAnalysisResult"]], "certificateinfoextraargument (class in sslyze)": [[0, "sslyze.CertificateInfoExtraArgument"]], "certificateinfoscanresult (class in sslyze)": [[0, "sslyze.CertificateInfoScanResult"]], "ciphersuite (class in sslyze)": [[0, "sslyze.CipherSuite"]], "ciphersuiteacceptedbyserver (class in sslyze)": [[0, "sslyze.CipherSuiteAcceptedByServer"]], "ciphersuiterejectedbyserver (class in sslyze)": [[0, "sslyze.CipherSuiteRejectedByServer"]], "ciphersuitesscanresult (class in sslyze)": [[0, "sslyze.CipherSuitesScanResult"]], "compressionscanresult (class in sslyze)": [[0, "sslyze.CompressionScanResult"]], "elliptic_curves (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.ELLIPTIC_CURVES"]], "earlydatascanresult (class in sslyze)": [[0, "sslyze.EarlyDataScanResult"]], "ellipticcurve (class in sslyze)": [[0, "sslyze.EllipticCurve"]], "ephemeralkeyinfo (class in sslyze)": [[0, "sslyze.EphemeralKeyInfo"]], "expectctheader (class in sslyze)": [[0, "sslyze.ExpectCtHeader"]], "fully_supported (sslyze.tlsresumptionsupportenum attribute)": [[0, "sslyze.TlsResumptionSupportEnum.FULLY_SUPPORTED"]], "fallbackscsvscanresult (class in sslyze)": [[0, "sslyze.FallbackScsvScanResult"]], "heartbleed (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.HEARTBLEED"]], "http_headers (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.HTTP_HEADERS"]], "heartbleedscanresult (class in sslyze)": [[0, "sslyze.HeartbleedScanResult"]], "httpheadersscanresult (class in sslyze)": [[0, "sslyze.HttpHeadersScanResult"]], "not_supported (sslyze.tlsresumptionsupportenum attribute)": [[0, "sslyze.TlsResumptionSupportEnum.NOT_SUPPORTED"]], "not_vulnerable_no_oracle (sslyze.robotscanresultenum attribute)": [[0, "id5"], [0, "sslyze.RobotScanResultEnum.NOT_VULNERABLE_NO_ORACLE"]], "not_vulnerable_rsa_not_supported (sslyze.robotscanresultenum attribute)": [[0, "id6"], [0, "sslyze.RobotScanResultEnum.NOT_VULNERABLE_RSA_NOT_SUPPORTED"]], "openssl_ccs_injection (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.OPENSSL_CCS_INJECTION"]], "opensslccsinjectionscanresult (class in sslyze)": [[0, "sslyze.OpenSslCcsInjectionScanResult"]], "partially_supported (sslyze.tlsresumptionsupportenum attribute)": [[0, "sslyze.TlsResumptionSupportEnum.PARTIALLY_SUPPORTED"]], "pathvalidationresult (class in sslyze)": [[0, "sslyze.PathValidationResult"]], "robot (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.ROBOT"]], "robotscanresult (class in sslyze)": [[0, "sslyze.RobotScanResult"]], "robotscanresultenum (class in sslyze)": [[0, "sslyze.RobotScanResultEnum"]], "server_is_tls_1_3_only (sslyze.tlsresumptionsupportenum attribute)": [[0, "sslyze.TlsResumptionSupportEnum.SERVER_IS_TLS_1_3_ONLY"]], "session_renegotiation (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.SESSION_RENEGOTIATION"]], "session_resumption (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.SESSION_RESUMPTION"]], "ssl_2_0 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.SSL_2_0"]], "ssl_2_0_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.SSL_2_0_CIPHER_SUITES"]], "ssl_3_0 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.SSL_3_0"]], "ssl_3_0_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.SSL_3_0_CIPHER_SUITES"]], "scancommand (class in sslyze)": [[0, "sslyze.ScanCommand"]], "sessionrenegotiationscanresult (class in sslyze)": [[0, "sslyze.SessionRenegotiationScanResult"]], "sessionresumptionsupportextraargument (class in sslyze)": [[0, "sslyze.SessionResumptionSupportExtraArgument"]], "sessionresumptionsupportscanresult (class in sslyze)": [[0, "sslyze.SessionResumptionSupportScanResult"]], "stricttransportsecurityheader (class in sslyze)": [[0, "sslyze.StrictTransportSecurityHeader"]], "supportedellipticcurvesscanresult (class in sslyze)": [[0, "sslyze.SupportedEllipticCurvesScanResult"]], "tls_1_0 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.TLS_1_0"]], "tls_1_0_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_0_CIPHER_SUITES"]], "tls_1_1 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.TLS_1_1"]], "tls_1_1_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_1_CIPHER_SUITES"]], "tls_1_2 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.TLS_1_2"]], "tls_1_2_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_2_CIPHER_SUITES"]], "tls_1_3 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.TLS_1_3"]], "tls_1_3_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_3_CIPHER_SUITES"]], "tls_1_3_early_data (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_3_EARLY_DATA"]], "tls_compression (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_COMPRESSION"]], "tls_fallback_scsv (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_FALLBACK_SCSV"]], "tlsresumptionsupportenum (class in sslyze)": [[0, "sslyze.TlsResumptionSupportEnum"]], "tlsversionenum (class in sslyze)": [[0, "sslyze.TlsVersionEnum"]], "truststore (class in sslyze)": [[0, "sslyze.TrustStore"]], "unknown_inconsistent_results (sslyze.robotscanresultenum attribute)": [[0, "id7"], [0, "sslyze.RobotScanResultEnum.UNKNOWN_INCONSISTENT_RESULTS"]], "vulnerable_strong_oracle (sslyze.robotscanresultenum attribute)": [[0, "id4"], [0, "sslyze.RobotScanResultEnum.VULNERABLE_STRONG_ORACLE"]], "vulnerable_weak_oracle (sslyze.robotscanresultenum attribute)": [[0, "id0"], [0, "sslyze.RobotScanResultEnum.VULNERABLE_WEAK_ORACLE"]], "accepted_ciphers (sslyze.ciphersuitesscanresult attribute)": [[0, "sslyze.CipherSuitesScanResult.accepted_ciphers"]], "accepts_client_renegotiation (sslyze.sessionrenegotiationscanresult attribute)": [[0, "sslyze.SessionRenegotiationScanResult.accepts_client_renegotiation"]], "certificate_deployments (sslyze.certificateinfoscanresult attribute)": [[0, "sslyze.CertificateInfoScanResult.certificate_deployments"]], "custom_ca_file (sslyze.certificateinfoextraargument attribute)": [[0, "sslyze.CertificateInfoExtraArgument.custom_ca_file"]], "enforce (sslyze.expectctheader attribute)": [[0, "sslyze.ExpectCtHeader.enforce"]], "expect_ct_header (sslyze.httpheadersscanresult attribute)": [[0, "sslyze.HttpHeadersScanResult.expect_ct_header"]], "hostname_used_for_server_name_indication (sslyze.certificateinfoscanresult attribute)": [[0, "sslyze.CertificateInfoScanResult.hostname_used_for_server_name_indication"]], "http_error_trace (sslyze.httpheadersscanresult attribute)": [[0, "sslyze.HttpHeadersScanResult.http_error_trace"]], "http_path_redirected_to (sslyze.httpheadersscanresult attribute)": [[0, "sslyze.HttpHeadersScanResult.http_path_redirected_to"]], "http_request_sent (sslyze.httpheadersscanresult attribute)": [[0, "sslyze.HttpHeadersScanResult.http_request_sent"]], "include_subdomains (sslyze.stricttransportsecurityheader attribute)": [[0, "sslyze.StrictTransportSecurityHeader.include_subdomains"]], "is_certificate_extended_validation() (sslyze.truststore method)": [[0, "sslyze.TrustStore.is_certificate_extended_validation"]], "is_vulnerable_to_ccs_injection (sslyze.opensslccsinjectionscanresult attribute)": [[0, "sslyze.OpenSslCcsInjectionScanResult.is_vulnerable_to_ccs_injection"]], "is_vulnerable_to_heartbleed (sslyze.heartbleedscanresult attribute)": [[0, "sslyze.HeartbleedScanResult.is_vulnerable_to_heartbleed"]], "leaf_certificate_has_must_staple_extension (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.leaf_certificate_has_must_staple_extension"]], "leaf_certificate_is_ev (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.leaf_certificate_is_ev"]], "leaf_certificate_signed_certificate_timestamps_count (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.leaf_certificate_signed_certificate_timestamps_count"]], "leaf_certificate_subject_matches_hostname (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.leaf_certificate_subject_matches_hostname"]], "max_age (sslyze.stricttransportsecurityheader attribute)": [[0, "sslyze.StrictTransportSecurityHeader.max_age"]], "module": [[0, "module-sslyze"]], "name (sslyze.ellipticcurve attribute)": [[0, "sslyze.EllipticCurve.name"]], "name (sslyze.truststore attribute)": [[0, "sslyze.TrustStore.name"]], "number_of_resumptions_to_attempt (sslyze.sessionresumptionsupportextraargument attribute)": [[0, "sslyze.SessionResumptionSupportExtraArgument.number_of_resumptions_to_attempt"]], "ocsp_response (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.ocsp_response"]], "ocsp_response_is_trusted (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.ocsp_response_is_trusted"]], "openssl_error_string (sslyze.pathvalidationresult attribute)": [[0, "sslyze.PathValidationResult.openssl_error_string"]], "openssl_nid (sslyze.ellipticcurve attribute)": [[0, "sslyze.EllipticCurve.openssl_nid"]], "path (sslyze.truststore attribute)": [[0, "sslyze.TrustStore.path"]], "path_validation_results (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.path_validation_results"]], "preload (sslyze.stricttransportsecurityheader attribute)": [[0, "sslyze.StrictTransportSecurityHeader.preload"]], "received_certificate_chain (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.received_certificate_chain"]], "received_chain_contains_anchor_certificate (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.received_chain_contains_anchor_certificate"]], "received_chain_has_valid_order (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.received_chain_has_valid_order"]], "rejected_ciphers (sslyze.ciphersuitesscanresult attribute)": [[0, "sslyze.CipherSuitesScanResult.rejected_ciphers"]], "rejected_curves (sslyze.supportedellipticcurvesscanresult attribute)": [[0, "sslyze.SupportedEllipticCurvesScanResult.rejected_curves"]], "result (sslyze.robotscanresult attribute)": [[0, "sslyze.RobotScanResult.result"]], "session_id_attempted_resumptions_count (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.session_id_attempted_resumptions_count"]], "session_id_resumption_result (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.session_id_resumption_result"]], "session_id_successful_resumptions_count (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.session_id_successful_resumptions_count"]], "sslyze": [[0, "module-sslyze"]], "strict_transport_security_header (sslyze.httpheadersscanresult attribute)": [[0, "sslyze.HttpHeadersScanResult.strict_transport_security_header"]], "supported_curves (sslyze.supportedellipticcurvesscanresult attribute)": [[0, "sslyze.SupportedEllipticCurvesScanResult.supported_curves"]], "supports_compression (sslyze.compressionscanresult attribute)": [[0, "sslyze.CompressionScanResult.supports_compression"]], "supports_early_data (sslyze.earlydatascanresult attribute)": [[0, "sslyze.EarlyDataScanResult.supports_early_data"]], "supports_ecdh_key_exchange (sslyze.supportedellipticcurvesscanresult attribute)": [[0, "sslyze.SupportedEllipticCurvesScanResult.supports_ecdh_key_exchange"]], "supports_fallback_scsv (sslyze.fallbackscsvscanresult attribute)": [[0, "sslyze.FallbackScsvScanResult.supports_fallback_scsv"]], "supports_secure_renegotiation (sslyze.sessionrenegotiationscanresult attribute)": [[0, "sslyze.SessionRenegotiationScanResult.supports_secure_renegotiation"]], "tls_ticket_attempted_resumptions_count (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.tls_ticket_attempted_resumptions_count"]], "tls_ticket_resumption_result (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.tls_ticket_resumption_result"]], "tls_ticket_successful_resumptions_count (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.tls_ticket_successful_resumptions_count"]], "tls_version_used (sslyze.ciphersuitesscanresult attribute)": [[0, "sslyze.CipherSuitesScanResult.tls_version_used"]], "trust_store (sslyze.pathvalidationresult attribute)": [[0, "sslyze.PathValidationResult.trust_store"]], "verified_certificate_chain (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.verified_certificate_chain"]], "verified_certificate_chain (sslyze.pathvalidationresult attribute)": [[0, "sslyze.PathValidationResult.verified_certificate_chain"]], "verified_chain_has_legacy_symantec_anchor (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.verified_chain_has_legacy_symantec_anchor"]], "verified_chain_has_sha1_signature (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.verified_chain_has_sha1_signature"]], "verify_certificate_chain() (sslyze.truststore method)": [[0, "sslyze.TrustStore.verify_certificate_chain"]], "version (sslyze.truststore attribute)": [[0, "sslyze.TrustStore.version"]], "was_validation_successful (sslyze.pathvalidationresult attribute)": [[0, "sslyze.PathValidationResult.was_validation_successful"]], "asn1 (sslyze.opensslfiletypeenum attribute)": [[3, "sslyze.OpenSslFileTypeEnum.ASN1"]], "allscancommandsattempts (class in sslyze)": [[3, "sslyze.AllScanCommandsAttempts"]], "bug_in_sslyze (sslyze.scancommanderrorreasonenum attribute)": [[3, "sslyze.ScanCommandErrorReasonEnum.BUG_IN_SSLYZE"]], "client_certificate_needed (sslyze.scancommanderrorreasonenum attribute)": [[3, "sslyze.ScanCommandErrorReasonEnum.CLIENT_CERTIFICATE_NEEDED"]], "connectivity_issue (sslyze.scancommanderrorreasonenum attribute)": [[3, "sslyze.ScanCommandErrorReasonEnum.CONNECTIVITY_ISSUE"]], "clientauthenticationcredentials (class in sslyze)": [[3, "sslyze.ClientAuthenticationCredentials"]], "ftp (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.FTP"]], "imap (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.IMAP"]], "ldap (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.LDAP"]], "opensslfiletypeenum (class in sslyze)": [[3, "sslyze.OpenSslFileTypeEnum"]], "pem (sslyze.opensslfiletypeenum attribute)": [[3, "sslyze.OpenSslFileTypeEnum.PEM"]], "pop3 (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.POP3"]], "postgres (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.POSTGRES"]], "protocolwithopportunistictlsenum (class in sslyze)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum"]], "rdp (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.RDP"]], "smtp (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.SMTP"]], "scancommandattempt (class in sslyze)": [[3, "sslyze.ScanCommandAttempt"]], "scancommanderrorreasonenum (class in sslyze)": [[3, "sslyze.ScanCommandErrorReasonEnum"]], "scanner (class in sslyze)": [[3, "sslyze.Scanner"]], "serverconnectivitystatusenum (class in sslyze)": [[3, "sslyze.ServerConnectivityStatusEnum"]], "servernetworkconfiguration (class in sslyze)": [[3, "sslyze.ServerNetworkConfiguration"]], "servernetworklocation (class in sslyze)": [[3, "sslyze.ServerNetworkLocation"]], "serverscanrequest (class in sslyze)": [[3, "sslyze.ServerScanRequest"]], "serverscanresult (class in sslyze)": [[3, "sslyze.ServerScanResult"]], "serverscanstatusenum (class in sslyze)": [[3, "sslyze.ServerScanStatusEnum"]], "servertlsprobingresult (class in sslyze)": [[3, "sslyze.ServerTlsProbingResult"]], "wrong_usage (sslyze.scancommanderrorreasonenum attribute)": [[3, "sslyze.ScanCommandErrorReasonEnum.WRONG_USAGE"]], "xmpp (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.XMPP"]], "xmpp_server (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.XMPP_SERVER"]], "certificate_chain_path (sslyze.clientauthenticationcredentials attribute)": [[3, "sslyze.ClientAuthenticationCredentials.certificate_chain_path"]], "connection_type (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.connection_type"]], "connectivity_error_trace (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.connectivity_error_trace"]], "connectivity_result (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.connectivity_result"]], "connectivity_status (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.connectivity_status"]], "error_reason (sslyze.scancommandattempt attribute)": [[3, "sslyze.ScanCommandAttempt.error_reason"]], "error_trace (sslyze.scancommandattempt attribute)": [[3, "sslyze.ScanCommandAttempt.error_trace"]], "from_default_port() (sslyze.protocolwithopportunistictlsenum class method)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.from_default_port"]], "hostname (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.hostname"]], "http_proxy_settings (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.http_proxy_settings"]], "ip_address (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.ip_address"]], "key_password (sslyze.clientauthenticationcredentials attribute)": [[3, "sslyze.ClientAuthenticationCredentials.key_password"]], "key_path (sslyze.clientauthenticationcredentials attribute)": [[3, "sslyze.ClientAuthenticationCredentials.key_path"]], "key_type (sslyze.clientauthenticationcredentials attribute)": [[3, "sslyze.ClientAuthenticationCredentials.key_type"]], "network_configuration (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.network_configuration"]], "network_max_retries (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.network_max_retries"]], "network_timeout (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.network_timeout"]], "port (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.port"]], "result (sslyze.scancommandattempt attribute)": [[3, "sslyze.ScanCommandAttempt.result"]], "scan_result (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.scan_result"]], "scan_status (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.scan_status"]], "server_location (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.server_location"]], "status (sslyze.scancommandattempt attribute)": [[3, "sslyze.ScanCommandAttempt.status"]], "tls_client_auth_credentials (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.tls_client_auth_credentials"]], "tls_server_name_indication (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.tls_server_name_indication"]], "tls_wrapped_protocol (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.tls_wrapped_protocol"]], "uuid (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.uuid"]], "xmpp_to_hostname (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.xmpp_to_hostname"]]}}) \ No newline at end of file +Search.setIndex({"docnames": ["available-scan-commands", "index", "json-output", "running-a-scan-in-python"], "filenames": ["available-scan-commands.rst", "index.rst", "json-output.rst", "running-a-scan-in-python.rst"], "titles": ["Appendix: Scan Commands", "SSLyze", "Exporting and processing scan results in JSON", "Running a Scan in Python"], "terms": {"everi": [0, 3], "type": [0, 2, 3], "check": [0, 3], "sslyze": [0, 2, 3], "can": [0, 1, 2, 3], "run": 0, "against": [0, 3], "server": [0, 1, 2, 3], "etc": [0, 1], "i": [0, 1, 2, 3], "repres": [0, 3], "scancommand": [0, 1, 3], "which": [0, 3], "when": [0, 1, 3], "return": [0, 3], "specif": [0, 2, 3], "thi": [0, 2, 3], "page": [0, 1], "list": [0, 2, 3], "all": [0, 2, 3], "correspond": [0, 3], "avail": [0, 1, 2, 3], "current": 0, "releas": [0, 1], "For": 0, "an": [0, 3], "exampl": [0, 1], "how": [0, 1, 3], "via": [0, 3], "python": [0, 2], "api": [0, 3], "see": 0, "The": [0, 1, 2, 3], "follow": [0, 2, 3], "ar": [0, 1, 2, 3], "version": 0, "valu": [0, 3], "name": [0, 3], "none": [0, 2, 3], "modul": [0, 1, 3], "qualnam": [0, 3], "start": 0, "boundari": [0, 3], "certificate_info": [0, 2, 3], "session_resumpt": [0, 3], "ssl_2_0_cipher_suit": [0, 3], "ssl_3_0_cipher_suit": [0, 3], "tls_1_0_cipher_suit": [0, 3], "tls_1_1_cipher_suit": [0, 3], "tls_1_2_cipher_suit": [0, 3], "tls_1_3_cipher_suit": [0, 3], "tls_compress": [0, 3], "tls_1_3_early_data": [0, 3], "openssl_ccs_inject": [0, 3], "tls_fallback_scsv": [0, 3], "session_renegoti": [0, 3], "http_header": [0, 3], "elliptic_curv": [0, 3], "next": 0, "section": [0, 2], "describ": [0, 2, 3], "each": [0, 3], "retriev": [0, 3], "analyz": [0, 1], "": [0, 1, 3], "verifi": 0, "its": 0, "valid": 0, "certificateinfoextraargu": 0, "custom_ca_fil": 0, "addit": 0, "configur": [0, 1, 3], "path": [0, 2, 3], "custom": 0, "trust": 0, "store": 0, "file": [0, 2, 3], "us": [0, 3], "should": [0, 3], "contain": [0, 2, 3], "pem": [0, 3], "format": [0, 3], "root": 0, "paramet": [0, 3], "certificateinfoscanresult": 0, "hostname_used_for_server_name_ind": 0, "certificate_deploy": [0, 2, 3], "hostnam": [0, 2, 3], "sent": 0, "indic": [0, 3], "extens": [0, 3], "A": [0, 2, 3], "leaf": [0, 2], "detect": [0, 1, 3], "analysi": 0, "most": 0, "onli": [0, 3], "deploi": [0, 3], "one": [0, 3], "some": [0, 3], "websit": 0, "facebook": [0, 2], "differ": 0, "depend": 0, "client": 0, "wai": 0, "maxim": 0, "compat": 0, "older": 0, "devic": 0, "str": [0, 3], "certificatedeploymentanalysisresult": 0, "received_certificate_chain": [0, 2, 3], "leaf_certificate_subject_matches_hostnam": [], "leaf_certificate_has_must_staple_extens": 0, "leaf_certificate_is_ev": 0, "leaf_certificate_signed_certificate_timestamps_count": 0, "received_chain_contains_anchor_certif": 0, "received_chain_has_valid_ord": 0, "path_validation_result": 0, "verified_chain_has_sha1_signatur": 0, "verified_chain_has_legacy_symantec_anchor": 0, "ocsp_respons": 0, "ocsp_response_is_trust": 0, "ani": [0, 1], "within": [0, 3], "field": [0, 2, 3], "pars": [0, 1, 3], "object": [0, 2, 3], "cryptographi": 0, "document": 0, "io": 0, "en": 0, "latest": 0, "x509": 0, "refer": 0, "html": 0, "highlight": 0, "chain": 0, "index": [0, 1], "0": [0, 1, 2, 3], "verified_certificate_chain": 0, "packag": 0, "Will": 0, "fail": [0, 2, 3], "appl": 0, "mozilla": 0, "essenti": 0, "shortcut": 0, "path_validation_result_list": 0, "If": [0, 3], "given": [0, 3], "wa": [0, 3], "success": 0, "built": 0, "from": [0, 3], "pathvalidationresult": 0, "true": 0, "common": 0, "subject": 3, "altern": [], "match": [], "extend": 0, "accord": 0, "ocsp": 0, "must": 0, "stapl": 0, "present": 0, "number": [0, 3], "sign": 0, "timestamp": 0, "sct": 0, "transpar": 0, "embed": 0, "instal": 0, "system": 0, "too": 0, "old": 0, "abl": [0, 3], "right": 0, "order": [0, 1, 3], "could": [0, 3], "includ": [0, 3], "anchor": 0, "send": [0, 3], "back": 0, "intermedi": 0, "sha": 0, "algorithm": 0, "distrust": 0, "symantec": 0, "blog": 0, "quali": 0, "com": [0, 2, 3], "ssllab": 0, "2017": 0, "09": 0, "26": 0, "googl": [0, 2, 3], "deprec": 0, "exist": 0, "respons": [0, 3], "through": [0, 3], "proxi": [0, 3], "forward": 0, "ocsprespons": 0, "bool": [0, 3], "int": [0, 3], "trust_stor": 0, "openssl_error_str": [], "try": [0, 3], "last": 0, "element": 0, "ca": 0, "x": 0, "509": 0, "string": [], "function": 0, "was_validation_success": 0, "whether": [0, 3], "suppli": [0, 3], "truststor": 0, "ev_oid": 0, "set": [0, 1], "local": 0, "human": 0, "readabl": 0, "date": 0, "2016": 0, "objectidentifi": 0, "is_certificate_extended_valid": 0, "ev": 0, "verify_certificate_chain": 0, "certificate_chain_as_pem": 0, "test": [0, 1, 3], "ssl": [0, 1], "2": [0, 3], "ciphersuitesscanresult": 0, "tls_version_us": 0, "accepted_cipher_suit": [0, 3], "rejected_cipher_suit": 0, "connect": [0, 1, 3], "accepted_ciph": 0, "both": 0, "rejected_ciph": 0, "were": [0, 2, 3], "reject": 0, "tlsversionenum": [0, 3], "ciphersuiteacceptedbyserv": 0, "ciphersuiterejectedbyserv": 0, "cipher_suit": [0, 3], "error_messag": 0, "ciphersuit": 0, "ephemeral_kei": 0, "ephemer": 0, "kei": [0, 3], "negoti": 0, "ec": 0, "dh": 0, "doe": 0, "ephemeralkeyinfo": 0, "size": 0, "public_byt": 0, "share": 0, "kind": [0, 3], "exchang": 0, "opensslevppkeyenum": 0, "bytearrai": 0, "is_anonym": 0, "key_siz": 0, "openssl_nam": 0, "ssl_2_0": 0, "ssl_3_0": 0, "tls_1_0": 0, "tls_1_1": 0, "4": 0, "tls_1_2": 0, "5": [0, 3], "tls_1_3": 0, "6": [0, 1], "supportedellipticcurvesscanresult": 0, "supports_ecdh_key_exchang": [0, 3], "supported_curv": 0, "rejected_curv": 0, "least": 0, "ecdh": 0, "ellipticcurv": 0, "accept": 0, "openssl_nid": 0, "ansi": 0, "x9": 0, "62": 0, "otherwis": 0, "secg": 0, "nid_xxx": 0, "obj_mac": 0, "h": 0, "vulner": [0, 1], "robotscanresult": 0, "robot_result": 0, "enum": 0, "provid": [0, 1, 2, 3], "robotscanresultenum": 0, "attempt": [0, 3], "exploit": 0, "issu": 0, "vulnerable_weak_oracl": 0, "attack": [0, 1], "would": 0, "take": 0, "long": 0, "vulnerable_strong_oracl": 0, "real": 0, "feasibl": 0, "not_vulnerable_no_oracl": 0, "rsa": 0, "act": 0, "oracl": 0, "not_vulnerable_rsa_not_support": 0, "unknown_inconsistent_result": 0, "determin": 0, "id": [0, 3], "ticket": 0, "tlsresumptionsupportenum": 0, "resum": 0, "fully_support": 0, "partially_support": 0, "not_support": 0, "server_is_tls_1_3_onli": 0, "nor": 0, "sessionresumptionsupportextraargu": 0, "number_of_resumptions_to_attempt": 0, "default": [0, 3], "higher": 0, "100": 0, "get": 0, "more": [0, 3], "accur": 0, "measur": 0, "often": 0, "succe": 0, "sessionresumptionsupportscanresult": 0, "session_id_resumption_result": 0, "session_id_attempted_resumptions_count": 0, "session_id_successful_resumptions_count": 0, "tls_ticket_resumption_result": 0, "tls_ticket_attempted_resumptions_count": 0, "tls_ticket_successful_resumptions_count": 0, "overal": 0, "total": 0, "compress": 0, "leverag": [0, 3], "perform": [0, 3], "compressionscanresult": 0, "supports_compress": 0, "therebi": [0, 2], "enabl": 0, "earlydatascanresult": 0, "supports_early_data": 0, "mechan": 0, "fallbackscsvscanresult": 0, "supports_fallback_scsv": 0, "heartbleedscanresult": 0, "is_vulnerable_to_heartble": 0, "presenc": 0, "relat": 0, "httpheadersscanresult": 0, "http_request_s": 0, "http_error_trac": 0, "http_path_redirected_to": 0, "strict_transport_security_head": 0, "expect_ct_head": [], "below": 0, "did": 0, "without": [0, 3], "initi": 0, "request": [0, 3], "error": [0, 2, 3], "after": [0, 3], "receiv": 0, "subsequ": 0, "eventu": 0, "redirect": 0, "strict": 0, "transport": 0, "alwai": [], "becaus": [], "expect": 3, "ct": [], "ha": 3, "offici": [], "been": [], "tracebackexcept": [0, 3], "stricttransportsecurityhead": 0, "max_ag": 0, "preload": 0, "include_subdomain": 0, "direct": [0, 3], "includesubdomain": 0, "max": 0, "ag": 0, "expectcthead": [], "report_uri": [], "enforc": [], "report": [], "uri": [], "cve": 0, "2014": 0, "0224": 0, "opensslccsinjectionscanresult": 0, "is_vulnerable_to_ccs_inject": 0, "sessionrenegotiationscanresult": 0, "supports_secure_renegoti": 0, "is_vulnerable_to_client_renegotiation_do": 0, "accepts_client_renegoti": 0, "honor": 0, "fast": 1, "power": 1, "tl": 1, "tool": 1, "librari": 1, "ensur": [1, 3], "strong": 1, "encrypt": 1, "certif": [1, 2, 3], "cipher": [1, 3], "suit": [1, 3], "ellipt": 1, "curv": 1, "known": 1, "heartble": [1, 3], "robot": [1, 3], "openssl": [1, 3], "cc": 1, "inject": 1, "instruct": 1, "readm": 1, "give": 1, "full": 1, "access": 1, "engin": 1, "make": [1, 2, 3], "easi": [1, 2], "implement": 1, "part": 1, "continu": [1, 2, 3], "secur": 1, "platform": 1, "misconfigur": 1, "across": 1, "rang": 1, "public": 1, "intern": 1, "endpoint": 1, "overview": 1, "class": [1, 2], "serial": [1, 2, 3], "further": [1, 2], "also": [1, 2], "helper": [1, 2], "separ": [1, 2], "program": [1, 2], "cli": 1, "output": 1, "inform": [1, 3], "support": [1, 3], "session": 1, "resumpt": 1, "crime": 1, "1": [1, 3], "3": [1, 3], "earli": 1, "data": 1, "downgrad": 1, "prevent": 1, "http": [1, 3], "header": 1, "insecur": 1, "renegoti": 1, "search": 1, "schema": 2, "code": [2, 3], "repositori": 2, "json_output_schema": 2, "json_out": 2, "option": [2, 3], "m": 2, "www": 2, "gener": 2, "sslyzeoutputasjson": 2, "from_orm": 2, "method": [2, 3], "def": [2, 3], "example_json_result_output": [2, 3], "json_file_out": [2, 3], "all_server_scan_result": [2, 3], "serverscanresult": [2, 3], "date_scans_start": [2, 3], "datetim": [0, 2, 3], "date_scans_complet": 2, "json_output": 2, "server_scan_result": [2, 3], "serverscanresultasjson": 2, "invalid_server_str": 2, "Not": 2, "need": [2, 3], "here": 2, "interfac": 2, "json_output_as_str": 2, "todo": [], "617": [], "switch": [], "model_dump_json": 2, "write_text": 2, "from_fil": 2, "example_json_result_pars": [2, 3], "results_as_json_fil": 2, "save": [2, 3], "results_as_json": 2, "read_text": 2, "These": 2, "parsed_result": 2, "parse_raw": [], "do": [2, 3], "post": 2, "inspect": 2, "print": [2, 3], "f": [2, 3], "n": [2, 3], "server_loc": [2, 3], "port": [2, 3], "scan_statu": [2, 3], "serverscanstatusenum": [2, 3], "error_no_connect": [2, 3], "That": 2, "connectivity_error_trac": [2, 3], "assert": [2, 3], "scan_result": [2, 3], "certinfo_attempt": [2, 3], "statu": [2, 3], "scancommandattemptstatusenum": [2, 3], "_print_failed_scan_command_attempt": [2, 3], "ignor": 2, "els": 2, "certinfo_result": [2, 3], "cert_deploy": [2, 3], "sha1": 2, "fingerprint_sha1": 2, "annot": [2, 3], "easier": [2, 3], "autom": 3, "fashion": 3, "allow": 3, "v": 3, "pycharm": 3, "auto": 3, "import": 3, "complet": 3, "sure": 3, "significantli": 3, "To": 3, "serverscanrequest": 3, "about": 3, "all_scan_request": 3, "servernetworkloc": 3, "cloudflar": 3, "except": 3, "serverhostnamecouldnotberesolv": 3, "handl": 3, "bad": 3, "input": 3, "ie": 3, "invalid": 3, "resolv": 3, "detail": 3, "argument": 3, "ip": 3, "address": 3, "network": 3, "network_configur": 3, "non": 3, "scan_command": 3, "By": 3, "onc": 3, "attribut": 3, "command": 3, "appendix": 3, "Then": 3, "pass": 3, "scanner": 3, "queue_scan": 3, "pool": 3, "worker": 3, "concurr": 3, "ing": 3, "lastli": 3, "get_result": 3, "iter": 3, "soon": 3, "coupl": 3, "main": 3, "utcnow": 3, "first": 3, "creat": 3, "we": 3, "want": 3, "queue": 3, "And": 3, "append": 3, "No": 3, "weren": 3, "t": 3, "nerror": 3, "sinc": 3, "popul": 3, "ssl2_attempt": 3, "happen": 3, "elif": 3, "successfulli": 3, "ssl2_result": 3, "naccept": 3, "tls1_3_attempt": 3, "tls1_3_result": 3, "info": 3, "nleaf": 3, "leaf_cert": 3, "public_kei": 3, "__class__": 3, "__name__": 3, "rfc4514_string": 3, "serial_numb": 3, "other": 3, "json": 3, "api_sample_result": 3, "them": 3, "factori": 3, "scan_commands_extra_argu": 3, "uuid": 3, "servernetworkconfigur": 3, "scancommandsextraargu": 3, "extra": 3, "443": 3, "ip_address": 3, "http_proxy_set": 3, "connection_typ": 3, "either": 3, "directli": 3, "automat": 3, "lookup": 3, "tunnel": 3, "look": 3, "up": 3, "httpproxyset": 3, "per_server_concurrent_connections_limit": 3, "concurrent_server_scans_limit": 3, "observ": 3, "sequenc": 3, "scannerobserv": 3, "tls_server_name_ind": 3, "tls_opportunistic_encrypt": 3, "tls_client_auth_credenti": 3, "xmpp_to_hostnam": 3, "network_timeout": 3, "network_max_retri": 3, "fine": 3, "grain": 3, "control": 3, "tls_wrapped_protocol": 3, "protocol": 3, "wrap": 3, "It": 3, "figur": 3, "out": 3, "establish": 3, "what": 3, "hello": 3, "messag": 3, "smtp": 3, "xmpp": 3, "handshak": 3, "standard": 3, "privat": 3, "mutual": 3, "stream": 3, "timeout": 3, "second": 3, "retri": 3, "protocolwithopportunistictlsenum": 3, "clientauthenticationcredenti": 3, "plaintext": 3, "opportunist": 3, "upgrad": 3, "xmpp_server": 3, "ftp": 3, "pop3": 3, "ldap": 3, "imap": 3, "rdp": 3, "postgr": 3, "classmethod": 3, "from_default_port": 3, "certificate_chain_path": 3, "key_path": 3, "key_password": 3, "key_typ": 3, "opensslfiletypeenum": 3, "everyth": 3, "password": 3, "decrypt": 3, "constant": 3, "map": 3, "ssl_filetype_xxx": 3, "asn1": 3, "connectivity_statu": 3, "connectivity_result": 3, "NOT": 3, "serverconnectivitystatusenum": 3, "servertlsprobingresult": 3, "allscancommandsattempt": 3, "highest_tls_version_support": 3, "cipher_suite_support": 3, "client_auth_requir": 3, "clientauthrequirementenum": 3, "certificateinfoscanattempt": 3, "ciphersuitesscanattempt": 3, "compressionscanattempt": 3, "earlydatascanattempt": 3, "opensslccsinjectionscanattempt": 3, "fallbackscsvscanattempt": 3, "heartbleedscanattempt": 3, "robotscanattempt": 3, "sessionrenegotiationscanattempt": 3, "sessionresumptionsupportscanattempt": 3, "supportedellipticcurvesscanattempt": 3, "httpheadersscanattempt": 3, "scancommandattempt": 3, "error_reason": 3, "error_trac": 3, "singl": 3, "ran": 3, "reason": 3, "why": 3, "succeed": 3, "trace": 3, "actual": 3, "scanresult": 3, "scancommanderrorreasonenum": 3, "typevar": 3, "_scancommandresulttypevar": 3, "bug_in_sslyz": 3, "client_certificate_need": 3, "connectivity_issu": 3, "wrong_usag": 3, "validation_error": 0, "server_hostnam": 0, "validation_tim": 0, "model_valid": 2, "model_validate_json": 2}, "objects": {"": [[0, 0, 0, "-", "sslyze"]], "sslyze": [[3, 1, 1, "", "AllScanCommandsAttempts"], [0, 1, 1, "", "CertificateDeploymentAnalysisResult"], [0, 1, 1, "", "CertificateInfoExtraArgument"], [0, 1, 1, "", "CertificateInfoScanResult"], [0, 1, 1, "", "CipherSuite"], [0, 1, 1, "", "CipherSuiteAcceptedByServer"], [0, 1, 1, "", "CipherSuiteRejectedByServer"], [0, 1, 1, "", "CipherSuitesScanResult"], [3, 1, 1, "", "ClientAuthenticationCredentials"], [0, 1, 1, "", "CompressionScanResult"], [0, 1, 1, "", "EarlyDataScanResult"], [0, 1, 1, "", "EllipticCurve"], [0, 1, 1, "", "EphemeralKeyInfo"], [0, 1, 1, "", "FallbackScsvScanResult"], [0, 1, 1, "", "HeartbleedScanResult"], [0, 1, 1, "", "HttpHeadersScanResult"], [0, 1, 1, "", "OpenSslCcsInjectionScanResult"], [3, 1, 1, "", "OpenSslFileTypeEnum"], [0, 1, 1, "", "PathValidationResult"], [3, 1, 1, "", "ProtocolWithOpportunisticTlsEnum"], [0, 1, 1, "", "RobotScanResult"], [0, 1, 1, "", "RobotScanResultEnum"], [0, 1, 1, "", "ScanCommand"], [3, 1, 1, "", "ScanCommandAttempt"], [3, 1, 1, "", "ScanCommandErrorReasonEnum"], [3, 1, 1, "", "Scanner"], [3, 1, 1, "", "ServerConnectivityStatusEnum"], [3, 1, 1, "", "ServerNetworkConfiguration"], [3, 1, 1, "", "ServerNetworkLocation"], [3, 1, 1, "", "ServerScanRequest"], [3, 1, 1, "", "ServerScanResult"], [3, 1, 1, "", "ServerScanStatusEnum"], [3, 1, 1, "", "ServerTlsProbingResult"], [0, 1, 1, "", "SessionRenegotiationScanResult"], [0, 1, 1, "", "SessionResumptionSupportExtraArgument"], [0, 1, 1, "", "SessionResumptionSupportScanResult"], [0, 1, 1, "", "StrictTransportSecurityHeader"], [0, 1, 1, "", "SupportedEllipticCurvesScanResult"], [0, 1, 1, "", "TlsResumptionSupportEnum"], [0, 1, 1, "", "TlsVersionEnum"], [0, 1, 1, "", "TrustStore"]], "sslyze.CertificateDeploymentAnalysisResult": [[0, 2, 1, "", "leaf_certificate_has_must_staple_extension"], [0, 2, 1, "", "leaf_certificate_is_ev"], [0, 2, 1, "", "leaf_certificate_signed_certificate_timestamps_count"], [0, 2, 1, "", "ocsp_response"], [0, 2, 1, "", "ocsp_response_is_trusted"], [0, 2, 1, "", "path_validation_results"], [0, 2, 1, "", "received_certificate_chain"], [0, 2, 1, "", "received_chain_contains_anchor_certificate"], [0, 2, 1, "", "received_chain_has_valid_order"], [0, 2, 1, "", "verified_certificate_chain"], [0, 2, 1, "", "verified_chain_has_legacy_symantec_anchor"], [0, 2, 1, "", "verified_chain_has_sha1_signature"]], "sslyze.CertificateInfoExtraArgument": [[0, 2, 1, "", "custom_ca_file"]], "sslyze.CertificateInfoScanResult": [[0, 2, 1, "", "certificate_deployments"], [0, 2, 1, "", "hostname_used_for_server_name_indication"]], "sslyze.CipherSuitesScanResult": [[0, 2, 1, "", "accepted_ciphers"], [0, 2, 1, "", "rejected_ciphers"], [0, 2, 1, "", "tls_version_used"]], "sslyze.ClientAuthenticationCredentials": [[3, 2, 1, "", "certificate_chain_path"], [3, 2, 1, "", "key_password"], [3, 2, 1, "", "key_path"], [3, 2, 1, "", "key_type"]], "sslyze.CompressionScanResult": [[0, 2, 1, "", "supports_compression"]], "sslyze.EarlyDataScanResult": [[0, 2, 1, "", "supports_early_data"]], "sslyze.EllipticCurve": [[0, 2, 1, "", "name"], [0, 2, 1, "", "openssl_nid"]], "sslyze.FallbackScsvScanResult": [[0, 2, 1, "", "supports_fallback_scsv"]], "sslyze.HeartbleedScanResult": [[0, 2, 1, "", "is_vulnerable_to_heartbleed"]], "sslyze.HttpHeadersScanResult": [[0, 2, 1, "", "http_error_trace"], [0, 2, 1, "", "http_path_redirected_to"], [0, 2, 1, "", "http_request_sent"], [0, 2, 1, "", "strict_transport_security_header"]], "sslyze.OpenSslCcsInjectionScanResult": [[0, 2, 1, "", "is_vulnerable_to_ccs_injection"]], "sslyze.OpenSslFileTypeEnum": [[3, 2, 1, "", "ASN1"], [3, 2, 1, "", "PEM"]], "sslyze.PathValidationResult": [[0, 2, 1, "", "trust_store"], [0, 2, 1, "", "validation_error"], [0, 2, 1, "", "verified_certificate_chain"], [0, 2, 1, "", "was_validation_successful"]], "sslyze.ProtocolWithOpportunisticTlsEnum": [[3, 2, 1, "", "FTP"], [3, 2, 1, "", "IMAP"], [3, 2, 1, "", "LDAP"], [3, 2, 1, "", "POP3"], [3, 2, 1, "", "POSTGRES"], [3, 2, 1, "", "RDP"], [3, 2, 1, "", "SMTP"], [3, 2, 1, "", "XMPP"], [3, 2, 1, "", "XMPP_SERVER"], [3, 3, 1, "", "from_default_port"]], "sslyze.RobotScanResult": [[0, 2, 1, "", "result"]], "sslyze.RobotScanResultEnum": [[0, 2, 1, "id5", "NOT_VULNERABLE_NO_ORACLE"], [0, 2, 1, "id6", "NOT_VULNERABLE_RSA_NOT_SUPPORTED"], [0, 2, 1, "id7", "UNKNOWN_INCONSISTENT_RESULTS"], [0, 2, 1, "id4", "VULNERABLE_STRONG_ORACLE"], [0, 2, 1, "id0", "VULNERABLE_WEAK_ORACLE"]], "sslyze.ScanCommand": [[0, 2, 1, "", "CERTIFICATE_INFO"], [0, 2, 1, "", "ELLIPTIC_CURVES"], [0, 2, 1, "", "HEARTBLEED"], [0, 2, 1, "", "HTTP_HEADERS"], [0, 2, 1, "", "OPENSSL_CCS_INJECTION"], [0, 2, 1, "", "ROBOT"], [0, 2, 1, "", "SESSION_RENEGOTIATION"], [0, 2, 1, "", "SESSION_RESUMPTION"], [0, 2, 1, "", "SSL_2_0_CIPHER_SUITES"], [0, 2, 1, "", "SSL_3_0_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_0_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_1_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_2_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_3_CIPHER_SUITES"], [0, 2, 1, "", "TLS_1_3_EARLY_DATA"], [0, 2, 1, "", "TLS_COMPRESSION"], [0, 2, 1, "", "TLS_FALLBACK_SCSV"]], "sslyze.ScanCommandAttempt": [[3, 2, 1, "", "error_reason"], [3, 2, 1, "", "error_trace"], [3, 2, 1, "", "result"], [3, 2, 1, "", "status"]], "sslyze.ScanCommandErrorReasonEnum": [[3, 2, 1, "", "BUG_IN_SSLYZE"], [3, 2, 1, "", "CLIENT_CERTIFICATE_NEEDED"], [3, 2, 1, "", "CONNECTIVITY_ISSUE"], [3, 2, 1, "", "WRONG_USAGE"]], "sslyze.ServerNetworkConfiguration": [[3, 2, 1, "", "network_max_retries"], [3, 2, 1, "", "network_timeout"], [3, 2, 1, "", "tls_client_auth_credentials"], [3, 2, 1, "", "tls_server_name_indication"], [3, 2, 1, "", "tls_wrapped_protocol"], [3, 2, 1, "", "xmpp_to_hostname"]], "sslyze.ServerNetworkLocation": [[3, 2, 1, "", "connection_type"], [3, 2, 1, "", "hostname"], [3, 2, 1, "", "http_proxy_settings"], [3, 2, 1, "", "ip_address"], [3, 2, 1, "", "port"]], "sslyze.ServerScanResult": [[3, 2, 1, "", "connectivity_error_trace"], [3, 2, 1, "", "connectivity_result"], [3, 2, 1, "", "connectivity_status"], [3, 2, 1, "", "network_configuration"], [3, 2, 1, "", "scan_result"], [3, 2, 1, "", "scan_status"], [3, 2, 1, "", "server_location"], [3, 2, 1, "", "uuid"]], "sslyze.SessionRenegotiationScanResult": [[0, 2, 1, "", "accepts_client_renegotiation"], [0, 2, 1, "", "supports_secure_renegotiation"]], "sslyze.SessionResumptionSupportExtraArgument": [[0, 2, 1, "", "number_of_resumptions_to_attempt"]], "sslyze.SessionResumptionSupportScanResult": [[0, 2, 1, "", "session_id_attempted_resumptions_count"], [0, 2, 1, "", "session_id_resumption_result"], [0, 2, 1, "", "session_id_successful_resumptions_count"], [0, 2, 1, "", "tls_ticket_attempted_resumptions_count"], [0, 2, 1, "", "tls_ticket_resumption_result"], [0, 2, 1, "", "tls_ticket_successful_resumptions_count"]], "sslyze.StrictTransportSecurityHeader": [[0, 2, 1, "", "include_subdomains"], [0, 2, 1, "", "max_age"], [0, 2, 1, "", "preload"]], "sslyze.SupportedEllipticCurvesScanResult": [[0, 2, 1, "", "rejected_curves"], [0, 2, 1, "", "supported_curves"], [0, 2, 1, "", "supports_ecdh_key_exchange"]], "sslyze.TlsResumptionSupportEnum": [[0, 2, 1, "", "FULLY_SUPPORTED"], [0, 2, 1, "", "NOT_SUPPORTED"], [0, 2, 1, "", "PARTIALLY_SUPPORTED"], [0, 2, 1, "", "SERVER_IS_TLS_1_3_ONLY"]], "sslyze.TlsVersionEnum": [[0, 2, 1, "", "SSL_2_0"], [0, 2, 1, "", "SSL_3_0"], [0, 2, 1, "", "TLS_1_0"], [0, 2, 1, "", "TLS_1_1"], [0, 2, 1, "", "TLS_1_2"], [0, 2, 1, "", "TLS_1_3"]], "sslyze.TrustStore": [[0, 3, 1, "", "is_certificate_extended_validation"], [0, 2, 1, "", "name"], [0, 2, 1, "", "path"], [0, 3, 1, "", "verify_certificate_chain"], [0, 2, 1, "", "version"]]}, "objtypes": {"0": "py:module", "1": "py:class", "2": "py:attribute", "3": "py:method"}, "objnames": {"0": ["py", "module", "Python module"], "1": ["py", "class", "Python class"], "2": ["py", "attribute", "Python attribute"], "3": ["py", "method", "Python method"]}, "titleterms": {"appendix": [0, 1], "scan": [0, 1, 2, 3], "command": [0, 1], "content": [0, 1], "certif": 0, "inform": 0, "option": 0, "argument": 0, "result": [0, 1, 2, 3], "class": [0, 3], "cipher": 0, "suit": 0, "support": 0, "ellipt": 0, "curv": 0, "robot": 0, "session": 0, "resumpt": 0, "crime": 0, "tl": [0, 3], "1": 0, "3": 0, "earli": 0, "data": 0, "downgrad": 0, "prevent": 0, "heartble": 0, "http": 0, "secur": 0, "header": 0, "openssl": 0, "cc": 0, "inject": 0, "insecur": 0, "renegoti": 0, "sslyze": 1, "instal": 1, "quick": 1, "start": [1, 3], "run": [1, 3], "us": [1, 2], "python": [1, 3], "api": [1, 2], "export": [1, 2], "process": [1, 2, 3], "json": [1, 2], "indic": 1, "tabl": 1, "when": 2, "cli": 2, "pars": 2, "output": 2, "overview": 3, "full": 3, "exampl": 3, "addit": 3, "set": 3, "starttl": 3, "sni": 3, "etc": 3, "enabl": 3, "ssl": 3, "client": 3, "authent": 3}, "envversion": {"sphinx.domains.c": 3, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 9, "sphinx.domains.index": 1, "sphinx.domains.javascript": 3, "sphinx.domains.math": 2, "sphinx.domains.python": 4, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx": 60}, "alltitles": {"Appendix: Scan Commands": [[0, "appendix-scan-commands"], [1, "appendix-scan-commands"]], "Contents": [[0, "contents"], [1, "contents"]], "Certificate Information": [[0, "certificate-information"]], "Optional arguments": [[0, "optional-arguments"]], "Result class": [[0, "result-class"], [0, "id1"], [0, "id2"], [0, "id3"], [0, "id8"], [0, "id9"], [0, "id10"], [0, "id11"], [0, "id12"], [0, "id13"], [0, "id14"], [0, "id15"]], "Cipher Suites": [[0, "cipher-suites"]], "Supported Elliptic Curves": [[0, "supported-elliptic-curves"]], "ROBOT": [[0, "robot"]], "Session Resumption Support": [[0, "session-resumption-support"]], "CRIME": [[0, "crime"]], "TLS 1.3 Early Data": [[0, "tls-1-3-early-data"]], "Downgrade Prevention": [[0, "downgrade-prevention"]], "Heartbleed": [[0, "heartbleed"]], "HTTP Security Headers": [[0, "http-security-headers"]], "OpenSSL CCS Injection": [[0, "openssl-ccs-injection"]], "Insecure Renegotiation": [[0, "insecure-renegotiation"]], "SSLyze": [[1, "sslyze"]], "Installation & Quick Start": [[1, "installation-quick-start"]], "Running scans using the Python API": [[1, "running-scans-using-the-python-api"]], "Exporting and processing scan results in JSON": [[1, "exporting-and-processing-scan-results-in-json"], [2, "exporting-and-processing-scan-results-in-json"]], "Indices and tables": [[1, "indices-and-tables"]], "Exporting results to JSON when using the CLI": [[2, "exporting-results-to-json-when-using-the-cli"]], "Exporting results to JSON when using the API": [[2, "exporting-results-to-json-when-using-the-api"]], "Parsing the JSON output": [[2, "parsing-the-json-output"]], "Running a Scan in Python": [[3, "running-a-scan-in-python"]], "Overview": [[3, "overview"]], "Full Example": [[3, "full-example"]], "Classes for Starting a Scan": [[3, "classes-for-starting-a-scan"]], "Additional settings: StartTLS, SNI, etc.": [[3, "additional-settings-starttls-sni-etc"]], "Enabling SSL/TLS client authentication": [[3, "enabling-ssl-tls-client-authentication"]], "Classes for Processing Scan Results": [[3, "classes-for-processing-scan-results"]]}, "indexentries": {"certificate_info (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.CERTIFICATE_INFO"]], "certificatedeploymentanalysisresult (class in sslyze)": [[0, "sslyze.CertificateDeploymentAnalysisResult"]], "certificateinfoextraargument (class in sslyze)": [[0, "sslyze.CertificateInfoExtraArgument"]], "certificateinfoscanresult (class in sslyze)": [[0, "sslyze.CertificateInfoScanResult"]], "ciphersuite (class in sslyze)": [[0, "sslyze.CipherSuite"]], "ciphersuiteacceptedbyserver (class in sslyze)": [[0, "sslyze.CipherSuiteAcceptedByServer"]], "ciphersuiterejectedbyserver (class in sslyze)": [[0, "sslyze.CipherSuiteRejectedByServer"]], "ciphersuitesscanresult (class in sslyze)": [[0, "sslyze.CipherSuitesScanResult"]], "compressionscanresult (class in sslyze)": [[0, "sslyze.CompressionScanResult"]], "elliptic_curves (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.ELLIPTIC_CURVES"]], "earlydatascanresult (class in sslyze)": [[0, "sslyze.EarlyDataScanResult"]], "ellipticcurve (class in sslyze)": [[0, "sslyze.EllipticCurve"]], "ephemeralkeyinfo (class in sslyze)": [[0, "sslyze.EphemeralKeyInfo"]], "fully_supported (sslyze.tlsresumptionsupportenum attribute)": [[0, "sslyze.TlsResumptionSupportEnum.FULLY_SUPPORTED"]], "fallbackscsvscanresult (class in sslyze)": [[0, "sslyze.FallbackScsvScanResult"]], "heartbleed (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.HEARTBLEED"]], "http_headers (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.HTTP_HEADERS"]], "heartbleedscanresult (class in sslyze)": [[0, "sslyze.HeartbleedScanResult"]], "httpheadersscanresult (class in sslyze)": [[0, "sslyze.HttpHeadersScanResult"]], "not_supported (sslyze.tlsresumptionsupportenum attribute)": [[0, "sslyze.TlsResumptionSupportEnum.NOT_SUPPORTED"]], "not_vulnerable_no_oracle (sslyze.robotscanresultenum attribute)": [[0, "id5"], [0, "sslyze.RobotScanResultEnum.NOT_VULNERABLE_NO_ORACLE"]], "not_vulnerable_rsa_not_supported (sslyze.robotscanresultenum attribute)": [[0, "id6"], [0, "sslyze.RobotScanResultEnum.NOT_VULNERABLE_RSA_NOT_SUPPORTED"]], "openssl_ccs_injection (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.OPENSSL_CCS_INJECTION"]], "opensslccsinjectionscanresult (class in sslyze)": [[0, "sslyze.OpenSslCcsInjectionScanResult"]], "partially_supported (sslyze.tlsresumptionsupportenum attribute)": [[0, "sslyze.TlsResumptionSupportEnum.PARTIALLY_SUPPORTED"]], "pathvalidationresult (class in sslyze)": [[0, "sslyze.PathValidationResult"]], "robot (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.ROBOT"]], "robotscanresult (class in sslyze)": [[0, "sslyze.RobotScanResult"]], "robotscanresultenum (class in sslyze)": [[0, "sslyze.RobotScanResultEnum"]], "server_is_tls_1_3_only (sslyze.tlsresumptionsupportenum attribute)": [[0, "sslyze.TlsResumptionSupportEnum.SERVER_IS_TLS_1_3_ONLY"]], "session_renegotiation (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.SESSION_RENEGOTIATION"]], "session_resumption (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.SESSION_RESUMPTION"]], "ssl_2_0 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.SSL_2_0"]], "ssl_2_0_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.SSL_2_0_CIPHER_SUITES"]], "ssl_3_0 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.SSL_3_0"]], "ssl_3_0_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.SSL_3_0_CIPHER_SUITES"]], "scancommand (class in sslyze)": [[0, "sslyze.ScanCommand"]], "sessionrenegotiationscanresult (class in sslyze)": [[0, "sslyze.SessionRenegotiationScanResult"]], "sessionresumptionsupportextraargument (class in sslyze)": [[0, "sslyze.SessionResumptionSupportExtraArgument"]], "sessionresumptionsupportscanresult (class in sslyze)": [[0, "sslyze.SessionResumptionSupportScanResult"]], "stricttransportsecurityheader (class in sslyze)": [[0, "sslyze.StrictTransportSecurityHeader"]], "supportedellipticcurvesscanresult (class in sslyze)": [[0, "sslyze.SupportedEllipticCurvesScanResult"]], "tls_1_0 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.TLS_1_0"]], "tls_1_0_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_0_CIPHER_SUITES"]], "tls_1_1 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.TLS_1_1"]], "tls_1_1_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_1_CIPHER_SUITES"]], "tls_1_2 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.TLS_1_2"]], "tls_1_2_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_2_CIPHER_SUITES"]], "tls_1_3 (sslyze.tlsversionenum attribute)": [[0, "sslyze.TlsVersionEnum.TLS_1_3"]], "tls_1_3_cipher_suites (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_3_CIPHER_SUITES"]], "tls_1_3_early_data (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_1_3_EARLY_DATA"]], "tls_compression (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_COMPRESSION"]], "tls_fallback_scsv (sslyze.scancommand attribute)": [[0, "sslyze.ScanCommand.TLS_FALLBACK_SCSV"]], "tlsresumptionsupportenum (class in sslyze)": [[0, "sslyze.TlsResumptionSupportEnum"]], "tlsversionenum (class in sslyze)": [[0, "sslyze.TlsVersionEnum"]], "truststore (class in sslyze)": [[0, "sslyze.TrustStore"]], "unknown_inconsistent_results (sslyze.robotscanresultenum attribute)": [[0, "id7"], [0, "sslyze.RobotScanResultEnum.UNKNOWN_INCONSISTENT_RESULTS"]], "vulnerable_strong_oracle (sslyze.robotscanresultenum attribute)": [[0, "id4"], [0, "sslyze.RobotScanResultEnum.VULNERABLE_STRONG_ORACLE"]], "vulnerable_weak_oracle (sslyze.robotscanresultenum attribute)": [[0, "id0"], [0, "sslyze.RobotScanResultEnum.VULNERABLE_WEAK_ORACLE"]], "accepted_ciphers (sslyze.ciphersuitesscanresult attribute)": [[0, "sslyze.CipherSuitesScanResult.accepted_ciphers"]], "accepts_client_renegotiation (sslyze.sessionrenegotiationscanresult attribute)": [[0, "sslyze.SessionRenegotiationScanResult.accepts_client_renegotiation"]], "certificate_deployments (sslyze.certificateinfoscanresult attribute)": [[0, "sslyze.CertificateInfoScanResult.certificate_deployments"]], "custom_ca_file (sslyze.certificateinfoextraargument attribute)": [[0, "sslyze.CertificateInfoExtraArgument.custom_ca_file"]], "hostname_used_for_server_name_indication (sslyze.certificateinfoscanresult attribute)": [[0, "sslyze.CertificateInfoScanResult.hostname_used_for_server_name_indication"]], "http_error_trace (sslyze.httpheadersscanresult attribute)": [[0, "sslyze.HttpHeadersScanResult.http_error_trace"]], "http_path_redirected_to (sslyze.httpheadersscanresult attribute)": [[0, "sslyze.HttpHeadersScanResult.http_path_redirected_to"]], "http_request_sent (sslyze.httpheadersscanresult attribute)": [[0, "sslyze.HttpHeadersScanResult.http_request_sent"]], "include_subdomains (sslyze.stricttransportsecurityheader attribute)": [[0, "sslyze.StrictTransportSecurityHeader.include_subdomains"]], "is_certificate_extended_validation() (sslyze.truststore method)": [[0, "sslyze.TrustStore.is_certificate_extended_validation"]], "is_vulnerable_to_ccs_injection (sslyze.opensslccsinjectionscanresult attribute)": [[0, "sslyze.OpenSslCcsInjectionScanResult.is_vulnerable_to_ccs_injection"]], "is_vulnerable_to_heartbleed (sslyze.heartbleedscanresult attribute)": [[0, "sslyze.HeartbleedScanResult.is_vulnerable_to_heartbleed"]], "leaf_certificate_has_must_staple_extension (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.leaf_certificate_has_must_staple_extension"]], "leaf_certificate_is_ev (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.leaf_certificate_is_ev"]], "leaf_certificate_signed_certificate_timestamps_count (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.leaf_certificate_signed_certificate_timestamps_count"]], "max_age (sslyze.stricttransportsecurityheader attribute)": [[0, "sslyze.StrictTransportSecurityHeader.max_age"]], "module": [[0, "module-sslyze"]], "name (sslyze.ellipticcurve attribute)": [[0, "sslyze.EllipticCurve.name"]], "name (sslyze.truststore attribute)": [[0, "sslyze.TrustStore.name"]], "number_of_resumptions_to_attempt (sslyze.sessionresumptionsupportextraargument attribute)": [[0, "sslyze.SessionResumptionSupportExtraArgument.number_of_resumptions_to_attempt"]], "ocsp_response (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.ocsp_response"]], "ocsp_response_is_trusted (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.ocsp_response_is_trusted"]], "openssl_nid (sslyze.ellipticcurve attribute)": [[0, "sslyze.EllipticCurve.openssl_nid"]], "path (sslyze.truststore attribute)": [[0, "sslyze.TrustStore.path"]], "path_validation_results (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.path_validation_results"]], "preload (sslyze.stricttransportsecurityheader attribute)": [[0, "sslyze.StrictTransportSecurityHeader.preload"]], "received_certificate_chain (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.received_certificate_chain"]], "received_chain_contains_anchor_certificate (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.received_chain_contains_anchor_certificate"]], "received_chain_has_valid_order (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.received_chain_has_valid_order"]], "rejected_ciphers (sslyze.ciphersuitesscanresult attribute)": [[0, "sslyze.CipherSuitesScanResult.rejected_ciphers"]], "rejected_curves (sslyze.supportedellipticcurvesscanresult attribute)": [[0, "sslyze.SupportedEllipticCurvesScanResult.rejected_curves"]], "result (sslyze.robotscanresult attribute)": [[0, "sslyze.RobotScanResult.result"]], "session_id_attempted_resumptions_count (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.session_id_attempted_resumptions_count"]], "session_id_resumption_result (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.session_id_resumption_result"]], "session_id_successful_resumptions_count (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.session_id_successful_resumptions_count"]], "sslyze": [[0, "module-sslyze"]], "strict_transport_security_header (sslyze.httpheadersscanresult attribute)": [[0, "sslyze.HttpHeadersScanResult.strict_transport_security_header"]], "supported_curves (sslyze.supportedellipticcurvesscanresult attribute)": [[0, "sslyze.SupportedEllipticCurvesScanResult.supported_curves"]], "supports_compression (sslyze.compressionscanresult attribute)": [[0, "sslyze.CompressionScanResult.supports_compression"]], "supports_early_data (sslyze.earlydatascanresult attribute)": [[0, "sslyze.EarlyDataScanResult.supports_early_data"]], "supports_ecdh_key_exchange (sslyze.supportedellipticcurvesscanresult attribute)": [[0, "sslyze.SupportedEllipticCurvesScanResult.supports_ecdh_key_exchange"]], "supports_fallback_scsv (sslyze.fallbackscsvscanresult attribute)": [[0, "sslyze.FallbackScsvScanResult.supports_fallback_scsv"]], "supports_secure_renegotiation (sslyze.sessionrenegotiationscanresult attribute)": [[0, "sslyze.SessionRenegotiationScanResult.supports_secure_renegotiation"]], "tls_ticket_attempted_resumptions_count (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.tls_ticket_attempted_resumptions_count"]], "tls_ticket_resumption_result (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.tls_ticket_resumption_result"]], "tls_ticket_successful_resumptions_count (sslyze.sessionresumptionsupportscanresult attribute)": [[0, "sslyze.SessionResumptionSupportScanResult.tls_ticket_successful_resumptions_count"]], "tls_version_used (sslyze.ciphersuitesscanresult attribute)": [[0, "sslyze.CipherSuitesScanResult.tls_version_used"]], "trust_store (sslyze.pathvalidationresult attribute)": [[0, "sslyze.PathValidationResult.trust_store"]], "validation_error (sslyze.pathvalidationresult attribute)": [[0, "sslyze.PathValidationResult.validation_error"]], "verified_certificate_chain (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.verified_certificate_chain"]], "verified_certificate_chain (sslyze.pathvalidationresult attribute)": [[0, "sslyze.PathValidationResult.verified_certificate_chain"]], "verified_chain_has_legacy_symantec_anchor (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.verified_chain_has_legacy_symantec_anchor"]], "verified_chain_has_sha1_signature (sslyze.certificatedeploymentanalysisresult attribute)": [[0, "sslyze.CertificateDeploymentAnalysisResult.verified_chain_has_sha1_signature"]], "verify_certificate_chain() (sslyze.truststore method)": [[0, "sslyze.TrustStore.verify_certificate_chain"]], "version (sslyze.truststore attribute)": [[0, "sslyze.TrustStore.version"]], "was_validation_successful (sslyze.pathvalidationresult attribute)": [[0, "sslyze.PathValidationResult.was_validation_successful"]], "asn1 (sslyze.opensslfiletypeenum attribute)": [[3, "sslyze.OpenSslFileTypeEnum.ASN1"]], "allscancommandsattempts (class in sslyze)": [[3, "sslyze.AllScanCommandsAttempts"]], "bug_in_sslyze (sslyze.scancommanderrorreasonenum attribute)": [[3, "sslyze.ScanCommandErrorReasonEnum.BUG_IN_SSLYZE"]], "client_certificate_needed (sslyze.scancommanderrorreasonenum attribute)": [[3, "sslyze.ScanCommandErrorReasonEnum.CLIENT_CERTIFICATE_NEEDED"]], "connectivity_issue (sslyze.scancommanderrorreasonenum attribute)": [[3, "sslyze.ScanCommandErrorReasonEnum.CONNECTIVITY_ISSUE"]], "clientauthenticationcredentials (class in sslyze)": [[3, "sslyze.ClientAuthenticationCredentials"]], "ftp (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.FTP"]], "imap (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.IMAP"]], "ldap (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.LDAP"]], "opensslfiletypeenum (class in sslyze)": [[3, "sslyze.OpenSslFileTypeEnum"]], "pem (sslyze.opensslfiletypeenum attribute)": [[3, "sslyze.OpenSslFileTypeEnum.PEM"]], "pop3 (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.POP3"]], "postgres (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.POSTGRES"]], "protocolwithopportunistictlsenum (class in sslyze)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum"]], "rdp (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.RDP"]], "smtp (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.SMTP"]], "scancommandattempt (class in sslyze)": [[3, "sslyze.ScanCommandAttempt"]], "scancommanderrorreasonenum (class in sslyze)": [[3, "sslyze.ScanCommandErrorReasonEnum"]], "scanner (class in sslyze)": [[3, "sslyze.Scanner"]], "serverconnectivitystatusenum (class in sslyze)": [[3, "sslyze.ServerConnectivityStatusEnum"]], "servernetworkconfiguration (class in sslyze)": [[3, "sslyze.ServerNetworkConfiguration"]], "servernetworklocation (class in sslyze)": [[3, "sslyze.ServerNetworkLocation"]], "serverscanrequest (class in sslyze)": [[3, "sslyze.ServerScanRequest"]], "serverscanresult (class in sslyze)": [[3, "sslyze.ServerScanResult"]], "serverscanstatusenum (class in sslyze)": [[3, "sslyze.ServerScanStatusEnum"]], "servertlsprobingresult (class in sslyze)": [[3, "sslyze.ServerTlsProbingResult"]], "wrong_usage (sslyze.scancommanderrorreasonenum attribute)": [[3, "sslyze.ScanCommandErrorReasonEnum.WRONG_USAGE"]], "xmpp (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.XMPP"]], "xmpp_server (sslyze.protocolwithopportunistictlsenum attribute)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.XMPP_SERVER"]], "certificate_chain_path (sslyze.clientauthenticationcredentials attribute)": [[3, "sslyze.ClientAuthenticationCredentials.certificate_chain_path"]], "connection_type (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.connection_type"]], "connectivity_error_trace (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.connectivity_error_trace"]], "connectivity_result (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.connectivity_result"]], "connectivity_status (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.connectivity_status"]], "error_reason (sslyze.scancommandattempt attribute)": [[3, "sslyze.ScanCommandAttempt.error_reason"]], "error_trace (sslyze.scancommandattempt attribute)": [[3, "sslyze.ScanCommandAttempt.error_trace"]], "from_default_port() (sslyze.protocolwithopportunistictlsenum class method)": [[3, "sslyze.ProtocolWithOpportunisticTlsEnum.from_default_port"]], "hostname (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.hostname"]], "http_proxy_settings (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.http_proxy_settings"]], "ip_address (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.ip_address"]], "key_password (sslyze.clientauthenticationcredentials attribute)": [[3, "sslyze.ClientAuthenticationCredentials.key_password"]], "key_path (sslyze.clientauthenticationcredentials attribute)": [[3, "sslyze.ClientAuthenticationCredentials.key_path"]], "key_type (sslyze.clientauthenticationcredentials attribute)": [[3, "sslyze.ClientAuthenticationCredentials.key_type"]], "network_configuration (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.network_configuration"]], "network_max_retries (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.network_max_retries"]], "network_timeout (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.network_timeout"]], "port (sslyze.servernetworklocation attribute)": [[3, "sslyze.ServerNetworkLocation.port"]], "result (sslyze.scancommandattempt attribute)": [[3, "sslyze.ScanCommandAttempt.result"]], "scan_result (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.scan_result"]], "scan_status (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.scan_status"]], "server_location (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.server_location"]], "status (sslyze.scancommandattempt attribute)": [[3, "sslyze.ScanCommandAttempt.status"]], "tls_client_auth_credentials (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.tls_client_auth_credentials"]], "tls_server_name_indication (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.tls_server_name_indication"]], "tls_wrapped_protocol (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.tls_wrapped_protocol"]], "uuid (sslyze.serverscanresult attribute)": [[3, "sslyze.ServerScanResult.uuid"]], "xmpp_to_hostname (sslyze.servernetworkconfiguration attribute)": [[3, "sslyze.ServerNetworkConfiguration.xmpp_to_hostname"]]}}) \ No newline at end of file diff --git a/json_output_schema.json b/json_output_schema.json index 9900de17..4d9b336f 100644 --- a/json_output_schema.json +++ b/json_output_schema.json @@ -2127,7 +2127,7 @@ "type": "string" }, "sslyze_version": { - "default": "6.0.0b0", + "default": "6.0.0", "title": "Sslyze Version", "type": "string" },