What is wrong with my SSL?

WindowsGeek 21 Reputation points
2021-09-28T05:55:15+00:00

Hello,
My website using HTTPS, but when I used the SSLScan tool, I got below results: 

C:\Users\Admin\Desktop\SSLScan>SSLScan.exe Example.com:443
                   _
           ___ ___| |___  ___ __ _ _ __
          / __/ __| / __|/ __/ _` | '_ \
          \__ \__ \ \__ \ (_| (_| | | | |
          |___/___/_|___/\___\__,_|_| |_|


                  Version 1.8.2-win
             http://www.titania.co.uk
        Copyright Ian Ventura-Whiting 2009
    Compiled against OpenSSL 0.9.8m 25 Feb 2010


Testing SSL server Example.com on port 443


  Supported Server Cipher(s):
    Failed    SSLv2  168 bits  DES-CBC3-MD5
    Failed    SSLv2   56 bits  DES-CBC-MD5
    Failed    SSLv2  128 bits  IDEA-CBC-MD5
    Failed    SSLv2   40 bits  EXP-RC2-CBC-MD5
    Failed    SSLv2  128 bits  RC2-CBC-MD5
    Failed    SSLv2   40 bits  EXP-RC4-MD5
    Failed    SSLv2  128 bits  RC4-MD5
    Failed    SSLv3  256 bits  ADH-AES256-SHA
    Failed    SSLv3  256 bits  DHE-RSA-AES256-SHA
    Failed    SSLv3  256 bits  DHE-DSS-AES256-SHA
    Failed    SSLv3  256 bits  AES256-SHA
    Failed    SSLv3  128 bits  ADH-AES128-SHA
    Failed    SSLv3  128 bits  DHE-RSA-AES128-SHA
    Failed    SSLv3  128 bits  DHE-DSS-AES128-SHA
    Failed    SSLv3  128 bits  AES128-SHA
    Failed    SSLv3  168 bits  ADH-DES-CBC3-SHA
    Failed    SSLv3   56 bits  ADH-DES-CBC-SHA
    Failed    SSLv3   40 bits  EXP-ADH-DES-CBC-SHA
    Failed    SSLv3  128 bits  ADH-RC4-MD5
    Failed    SSLv3   40 bits  EXP-ADH-RC4-MD5
    Failed    SSLv3  168 bits  EDH-RSA-DES-CBC3-SHA
    Failed    SSLv3   56 bits  EDH-RSA-DES-CBC-SHA
    Failed    SSLv3   40 bits  EXP-EDH-RSA-DES-CBC-SHA
    Failed    SSLv3  168 bits  EDH-DSS-DES-CBC3-SHA
    Failed    SSLv3   56 bits  EDH-DSS-DES-CBC-SHA
    Failed    SSLv3   40 bits  EXP-EDH-DSS-DES-CBC-SHA
    Failed    SSLv3  168 bits  DES-CBC3-SHA
    Failed    SSLv3   56 bits  DES-CBC-SHA
    Failed    SSLv3   40 bits  EXP-DES-CBC-SHA
    Failed    SSLv3  128 bits  IDEA-CBC-SHA
    Failed    SSLv3   40 bits  EXP-RC2-CBC-MD5
    Failed    SSLv3  128 bits  RC4-SHA
    Failed    SSLv3  128 bits  RC4-MD5
    Failed    SSLv3   40 bits  EXP-RC4-MD5
    Failed    SSLv3    0 bits  NULL-SHA
    Failed    SSLv3    0 bits  NULL-MD5
    Failed    TLSv1  256 bits  ADH-AES256-SHA
    Failed    TLSv1  256 bits  DHE-RSA-AES256-SHA
    Failed    TLSv1  256 bits  DHE-DSS-AES256-SHA
    Failed    TLSv1  256 bits  AES256-SHA
    Failed    TLSv1  128 bits  ADH-AES128-SHA
    Failed    TLSv1  128 bits  DHE-RSA-AES128-SHA
    Failed    TLSv1  128 bits  DHE-DSS-AES128-SHA
    Failed    TLSv1  128 bits  AES128-SHA
    Failed    TLSv1  168 bits  ADH-DES-CBC3-SHA
    Failed    TLSv1   56 bits  ADH-DES-CBC-SHA
    Failed    TLSv1   40 bits  EXP-ADH-DES-CBC-SHA
    Failed    TLSv1  128 bits  ADH-RC4-MD5
    Failed    TLSv1   40 bits  EXP-ADH-RC4-MD5
    Failed    TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA
    Failed    TLSv1   56 bits  EDH-RSA-DES-CBC-SHA
    Failed    TLSv1   40 bits  EXP-EDH-RSA-DES-CBC-SHA
    Failed    TLSv1  168 bits  EDH-DSS-DES-CBC3-SHA
    Failed    TLSv1   56 bits  EDH-DSS-DES-CBC-SHA
    Failed    TLSv1   40 bits  EXP-EDH-DSS-DES-CBC-SHA
    Failed    TLSv1  168 bits  DES-CBC3-SHA
    Failed    TLSv1   56 bits  DES-CBC-SHA
    Failed    TLSv1   40 bits  EXP-DES-CBC-SHA
    Failed    TLSv1  128 bits  IDEA-CBC-SHA
    Failed    TLSv1   40 bits  EXP-RC2-CBC-MD5
    Failed    TLSv1  128 bits  RC4-SHA
    Failed    TLSv1  128 bits  RC4-MD5
    Failed    TLSv1   40 bits  EXP-RC4-MD5
    Failed    TLSv1    0 bits  NULL-SHA
    Failed    TLSv1    0 bits  NULL-MD5


  Prefered Server Cipher(s):

C:\Users\Admin\Desktop\SSLScan>SSLScan.exe Example.com:80
                   _
           ___ ___| |___  ___ __ _ _ __
          / __/ __| / __|/ __/ _` | '_ \
          \__ \__ \ \__ \ (_| (_| | | | |
          |___/___/_|___/\___\__,_|_| |_|


                  Version 1.8.2-win
             http://www.titania.co.uk
        Copyright Ian Ventura-Whiting 2009
    Compiled against OpenSSL 0.9.8m 25 Feb 2010


Testing SSL server Example.com on port 80


  Supported Server Cipher(s):
    Rejected  SSLv2  168 bits  DES-CBC3-MD5
    Rejected  SSLv2   56 bits  DES-CBC-MD5
    Rejected  SSLv2  128 bits  IDEA-CBC-MD5
    Rejected  SSLv2   40 bits  EXP-RC2-CBC-MD5
    Rejected  SSLv2  128 bits  RC2-CBC-MD5
    Rejected  SSLv2   40 bits  EXP-RC4-MD5
    Rejected  SSLv2  128 bits  RC4-MD5
    Failed    SSLv3  256 bits  ADH-AES256-SHA
    Failed    SSLv3  256 bits  DHE-RSA-AES256-SHA
    Failed    SSLv3  256 bits  DHE-DSS-AES256-SHA
    Failed    SSLv3  256 bits  AES256-SHA
    Failed    SSLv3  128 bits  ADH-AES128-SHA
    Failed    SSLv3  128 bits  DHE-RSA-AES128-SHA
    Failed    SSLv3  128 bits  DHE-DSS-AES128-SHA
    Failed    SSLv3  128 bits  AES128-SHA
    Failed    SSLv3  168 bits  ADH-DES-CBC3-SHA
    Failed    SSLv3   56 bits  ADH-DES-CBC-SHA
    Failed    SSLv3   40 bits  EXP-ADH-DES-CBC-SHA
    Failed    SSLv3  128 bits  ADH-RC4-MD5
    Failed    SSLv3   40 bits  EXP-ADH-RC4-MD5
    Failed    SSLv3  168 bits  EDH-RSA-DES-CBC3-SHA
    Failed    SSLv3   56 bits  EDH-RSA-DES-CBC-SHA
    Failed    SSLv3   40 bits  EXP-EDH-RSA-DES-CBC-SHA
    Failed    SSLv3  168 bits  EDH-DSS-DES-CBC3-SHA
    Failed    SSLv3   56 bits  EDH-DSS-DES-CBC-SHA
    Failed    SSLv3   40 bits  EXP-EDH-DSS-DES-CBC-SHA
    Failed    SSLv3  168 bits  DES-CBC3-SHA
    Failed    SSLv3   56 bits  DES-CBC-SHA
    Failed    SSLv3   40 bits  EXP-DES-CBC-SHA
    Failed    SSLv3  128 bits  IDEA-CBC-SHA
    Failed    SSLv3   40 bits  EXP-RC2-CBC-MD5
    Failed    SSLv3  128 bits  RC4-SHA
    Failed    SSLv3  128 bits  RC4-MD5
    Failed    SSLv3   40 bits  EXP-RC4-MD5
    Failed    SSLv3    0 bits  NULL-SHA
    Failed    SSLv3    0 bits  NULL-MD5
    Failed    TLSv1  256 bits  ADH-AES256-SHA
    Failed    TLSv1  256 bits  DHE-RSA-AES256-SHA
    Failed    TLSv1  256 bits  DHE-DSS-AES256-SHA
    Failed    TLSv1  256 bits  AES256-SHA
    Failed    TLSv1  128 bits  ADH-AES128-SHA
    Failed    TLSv1  128 bits  DHE-RSA-AES128-SHA
    Failed    TLSv1  128 bits  DHE-DSS-AES128-SHA
    Failed    TLSv1  128 bits  AES128-SHA
    Failed    TLSv1  168 bits  ADH-DES-CBC3-SHA
    Failed    TLSv1   56 bits  ADH-DES-CBC-SHA
    Failed    TLSv1   40 bits  EXP-ADH-DES-CBC-SHA
    Failed    TLSv1  128 bits  ADH-RC4-MD5
    Failed    TLSv1   40 bits  EXP-ADH-RC4-MD5
    Failed    TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA
    Failed    TLSv1   56 bits  EDH-RSA-DES-CBC-SHA
    Failed    TLSv1   40 bits  EXP-EDH-RSA-DES-CBC-SHA
    Failed    TLSv1  168 bits  EDH-DSS-DES-CBC3-SHA
    Failed    TLSv1   56 bits  EDH-DSS-DES-CBC-SHA
    Failed    TLSv1   40 bits  EXP-EDH-DSS-DES-CBC-SHA
    Failed    TLSv1  168 bits  DES-CBC3-SHA
    Failed    TLSv1   56 bits  DES-CBC-SHA
    Failed    TLSv1   40 bits  EXP-DES-CBC-SHA
    Failed    TLSv1  128 bits  IDEA-CBC-SHA
    Failed    TLSv1   40 bits  EXP-RC2-CBC-MD5
    Failed    TLSv1  128 bits  RC4-SHA
    Failed    TLSv1  128 bits  RC4-MD5
    Failed    TLSv1   40 bits  EXP-RC4-MD5
    Failed    TLSv1    0 bits  NULL-SHA
    Failed    TLSv1    0 bits  NULL-MD5


  Prefered Server Cipher(s):

Why? What is wrong?

Thank you.

Internet Information Services

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. WindowsGeek 21 Reputation points
    2021-09-29T09:31:50.47+00:00

    Hello,
    Thank yo so much for your help.
    I downloaded the last version and result is: 

    C:\Users\Admin\Desktop\SSLscan>sslscan.exe Example.com:443
Version: 2.0.10 Windows 64-bit (Mingw)
OpenSSL 1.1.1e-dev  xx XXX xxxx


Connected to 172.16.7.5


Testing SSL server Example.com on port 443 using SNI name Example.com


  SSL/TLS Protocols:
SSLv2     disabled
SSLv3     disabled
TLSv1.0   disabled
TLSv1.1   disabled
TLSv1.2   enabled
TLSv1.3   disabled


  TLS Fallback SCSV:
Server supports TLS Fallback SCSV


  TLS renegotiation:
Session renegotiation not supported


  TLS Compression:
Compression disabled


  Heartbleed:
TLSv1.2 ERROR: send() failed: Bad file descriptor



C:\Users\Admin\Desktop\SSLscan>sslscan.exe Example.com:80
Version: 2.0.10 Windows 64-bit (Mingw)
OpenSSL 1.1.1e-dev  xx XXX xxxx


Connected to 172.16.7.5


Testing SSL server Example.com on port 80 using SNI name Example.com


  SSL/TLS Protocols:
SSLv2     disabled
SSLv3     disabled
TLSv1.0   disabled
TLSv1.1   disabled
TLSv1.2   disabled
TLSv1.3   disabled


  TLS Fallback SCSV:
Connection failed - unable to determine TLS Fallback SCSV support


  TLS renegotiation:
Session renegotiation not supported


  TLS Compression:
Compression disabled


  Heartbleed:


  Supported Server Cipher(s):
Certificate information cannot be retrieved.


C:\Users\Admin\Desktop\SSLscan>
    0 comments
  2. WindowsGeek 21 Reputation points
    2021-10-02T07:10:07.647+00:00

    Hello,
    Is my SSL OK?

    Thank you.

    0 comments