New version

sites
aeris 2017-10-29 11:41:57 +01:00
parent 5a024333c8
commit 5955667df0
17 changed files with 460 additions and 170 deletions

1
.ruby-version 100644
View File

@ -0,0 +1 @@
2.3.3-cryptcheck

View File

@ -1,4 +1,4 @@
guard 'livereload' do
guard :livereload do
watch(%r{app/views/.+\.(erb|haml|slim)$})
watch(%r{app/helpers/.+\.rb})
watch(%r{public/.+\.(css|js|html)})
@ -6,3 +6,8 @@ guard 'livereload' do
# Rails Assets Pipeline
watch(%r{(app|vendor)(/assets/\w+/(.+\.(css|js|html|png|jpg|coffee|scss))).*}) { |m| "/assets/#{m[3]}" }
end
#guard :rails do
# watch('Gemfile.lock')
# watch(%r{^(config|lib)/.*})
#end

View File

@ -1,6 +1,5 @@
//= require_tree .
//= require_self
@import 'bootstrap-sprockets';
@import 'bootstrap';
@import 'bootstrap/variables';
@ -21,7 +20,6 @@
@import 'bootstrap/alerts';
@import 'bootstrap/utilities';
@import 'bootstrap/responsive-utilities';
@import 'font-awesome-sprockets';
@import 'font-awesome';
@ -67,36 +65,55 @@ td.primary {
margin-top: 100px;
}
$color-critical: #d9534f;
$color-error: #e4804e;
$color-warning: #f0ad4e;
$color-good: #beb052;
$color-best: #8db457;
$color-great: #5cb85c;
.label-state-critical {
//background-color: #800000;
background-color: #ff0000;
background-color: $color-critical;
}
.label-state-error {
//background-color: #803300;
background-color: #ff6600;
background-color: $color-error;
}
.label-state-warning {
//background-color: #806600;
background-color: #ffcc00;
color: $text-color;
background-color: $color-warning;
color: $text-color;
}
.label-state-good {
//background-color: #668000;
background-color: #cbff00;
color: $text-color;
background-color: $color-good;
color: $text-color;
}
.label-state-great {
//background-color: #338000;
background-color: #65ff00;
}
.label-state-best {
//background-color: #008000;
background-color: #00ff00;
background-color: $color-best;
}
.label-state-great {
background-color: $color-great;
}
.label-state-default {
//background-color: #008000;
background-color: $label-default-bg;
}
.label-state-success {
background-color: $label-success-bg;
}
.alert-critical, .alert-error {
background-color: $alert-danger-bg;
color: $alert-danger-text;
border-color: $alert-danger-border
}
.alert-warning {
background-color: $alert-warning-bg;
color: $alert-warning-text;
border-color: $alert-warning-border
}
.alert-good, .alert-great, .alert-best {
background-color: $alert-success-bg;
color: $alert-success-text;
border-color: $alert-success-border
}

View File

@ -41,18 +41,22 @@ class CheckController < ApplicationController
@id = params[:id]
if @id.end_with? '.json'
@id = @id.sub /\.json$/, ''
@id = @id.sub /\.json$/, ''
request.format = :json
end
@host, @port = @id.split ':'
@host = SimpleIDN.to_ascii @host.downcase
@host = SimpleIDN.to_ascii @host.downcase
if /[^a-zA-Z0-9.-]/ =~ @host
flash[:danger] = "Hôte #{@host} invalide"
redirect_to action: :index
return false
end
@port = @port.to_i if @port
if @port
@port = @port.to_i
else
@port = self.default_port
end
@result = Analysis[self.type, @host, @port]
# file = File.join Rails.root, 'config/host.yml'

View File

@ -11,4 +11,8 @@ class HttpsController < CheckController
def tls_type
'HTTPS'
end
def default_port
443
end
end

View File

@ -11,4 +11,8 @@ class SmtpController < CheckController
def tls_type
'STARTTLS'
end
def default_port
25
end
end

View File

@ -11,4 +11,8 @@ class SshController < CheckController
def tls_type
'SSH'
end
def default_port
22
end
end

View File

@ -1,16 +1,19 @@
module CheckHelper
private def __label(value, color)
"<span class=\"label label-#{color} %>\">#{value}</span>"
end
def label(value, color)
__label(value, color).html_safe
private def __label(value, color, state=true)
color = :default unless color
color = "state-#{color}" if state
"<span class=\"label label-#{color}\">#{value}</span>"
end
def cell(value, color)
"<td class=\"#{color}\">#{value}</td>".html_safe
def label(value, color, state=true)
__label(value, color, state).html_safe
end
def labels(level, states)
def cell(value, color, state=true)
"<td class=\"label-state-#{color}\">#{value}</td>".html_safe
end
def labels(level, states, state=true)
states.each_pair.collect do |name, value|
color = if value.nil?
:default
@ -19,32 +22,32 @@ module CheckHelper
else
value ? :success : :danger
end
__label name, color
__label name, color, state
end.join(' ').html_safe
end
def states(states)
::CryptCheck::State.collect do |level|
states[level].each_pair.select { |_, v| v == true }.collect do |name, _|
__label name, "state-#{level}"
end
states[level].each_pair
.select { |_, v| v == true }
.collect { |name, _| __label name, level }
end.flatten(1).join(' ').html_safe
end
def rank_color(rank)
case rank
when 'A+' then
:primary
when 'A' then
:success
when 'B' then
:default
when 'C', 'D' then
when :'A+' then
:great
when :A then
:best
when :B then
:good
when :C, :D then
:warning
when 'E', 'F' then
:danger
else
when :E, :F then
:error
else
:critical
end
end
@ -79,15 +82,7 @@ module CheckHelper
end
def protocol_label(protocol)
color = case protocol.to_s
when 'TLSv1_2' then
:success
when 'SSLv3', 'SSLv2' then
:error
else
:default
end
label protocol, color
label protocol.to_sym, protocol.status
end
def protocol_labels(protocols)
@ -140,21 +135,9 @@ module CheckHelper
end
def cipher_name_label(cipher)
state = cipher[:state]
color = case
when !state[:error].empty? then
:error
when !state[:danger].empty? then
:danger
when !state[:warning].empty? then
:warning
when !state[:success].empty? then
:success
else
:default
end
color = :primary if color == :success and cipher.size >= 256
label("&nbsp;", color) + "&nbsp;#{cipher.name}".html_safe
status = cipher.status
status = :success if status == :good
label("&nbsp;", status) + "&nbsp;#{cipher.name}".html_safe
end
def cipher_labels(cipher)
@ -165,13 +148,13 @@ module CheckHelper
def cipher_kex_type_cell(kex)
color = case kex
when :ecdh then
:primary
nil
when :dh then
:success
when :rsa then
:warning
else
when :rsa then
:error
else
:critical
end
kex ||= 'None'
cell kex.to_s.upcase, color
@ -184,12 +167,10 @@ module CheckHelper
def cipher_auth_type_cell(auth)
color = case auth
when :ecdsa then
:primary
when :rsa then
:default
when :ecdsa, :rsa then
nil
else
:error
:critical
end
auth ||= 'None'
cell auth.to_s.upcase, color
@ -202,52 +183,55 @@ module CheckHelper
def cipher_enc_type_cell(enc)
color = case enc
when :chacha20 then
:primary
when :aes then
when :chacha20
:success
when :camellia, :seed then
:default
else
:error
when nil, :rc4
:critical
end
enc ||= 'NONE'
cell enc.to_s.upcase, color
end
def cipher_enc_key_size_cell(enc)
enc ||= 0
color = cipher_color enc
def cipher_enc_block_size_cell(enc)
color = case
when enc.nil?
nil
when enc <= 64
:critical
when enc < 128
:error
end
cell enc, color
end
def cipher_enc_block_size_cell(enc)
return cell '', :default unless enc
color = cipher_color enc
def cipher_enc_key_size_cell(enc)
color = case
when enc.nil?
nil
when enc < 128
:critical
end
cell enc, color
end
def cipher_enc_mode_cell(enc)
color = case enc
when :gcm, :ccm then
:primary
when :cbc then
:danger
when :gcm, :ccm, :aead
:success
end
enc ||= ''
cell enc.to_s.upcase, color
end
def cipher_mac_type_cell(mac)
color = case mac
when :poly1305 then
:primary
when :sha384, :sha256 then
:success
when :sha384, :sha256 then
nil
when :sha1 then
:warning
when :md5 then
:error
else
:critical
end
cell mac.to_s.upcase, color
end
@ -257,7 +241,7 @@ module CheckHelper
end
def cipher_pfs_cell(pfs)
return cell 'PFS', :success if pfs
cell 'No PFS', :warning
return cell 'PFS', nil if pfs
cell 'No PFS', :error
end
end

View File

@ -12,77 +12,158 @@
<% end %>
</div>
<% @result.hosts.each do |host| %>
<% @result.result.each do |host| %>
<div class="row">
<div class="col-sm-12">
<h2>
<%= rank_label host.grade %>
<%= host.ip %> : <%= host.port %>
<span class="small">(<%= host.hostname %>)</span></h2>
<%= rank_label host[:grade] %>
<%= host[:ip] %> : <%= host[:port] %>
<span class="small">(<%= host[:hostname] %>)</span></h2>
</div>
</div>
<div class="row">
<div class="col-sm-12">
<% ::CryptCheck::State.each do |level|
host[:states][level].each do |state, value|
next unless value
%>
<div class="alert alert-<%= level %>"><%= t "alert.#{level}.#{state}" %></div>
<% end
end %>
<!--
<h3><%= t 'Checks' %></h3>
<table class="table table-bordered table-condensed table-striped">
<thead>
<th><%= t 'Severity' %></th>
<td></td>
<td>
<%= t 'Checks' %>
(
<%= label 'OK', :success, false %>
<%= label 'KO', :danger, false %>
<%= label 'N/A', :default, false %>
)
</td>
</thead>
<tbody>
<% ::CryptCheck::State.each do |level| %>
<tr>
<th><%= label level, "state-#{level}" %></th>
<td><%= labels level, host.states[level] %></td>
<th><%= label level, "state-#{level}", false %></th>
<td><%= labels level, host[:states][level], false %></td>
</tr>
<% end %>
</tbody>
</table>
-->
</div>
</div>
<div class="row">
<!--div class="row">
<div class="col-sm-12">
<h3><%= t 'Certificates' %></h3>
<table class="table table-bordered table-condensed table-striped">
<thead>
<tr>
<th>
<%= t 'Subject' %>
<span class="small">[<%= t 'Serial' %>]</span>
<div class="small"><%= t 'Fingerprint' %></div>
</th>
<td><%= t 'Issuer' %></td>
<td><%= t 'Not before' %></td>
<td><%= t 'Not after' %></td>
<th></th>
</tr>
<tr>
<th>
<%= t 'Subject' %>
<span class="small">[<%= t 'Serial' %>]</span>
<div class="small"><%= t 'Fingerprint' %></div>
</th>
<td><%= t 'Issuer' %></td>
<td><%= t 'Not before' %></td>
<td><%= t 'Not after' %></td>
<th></th>
</tr>
</thead>
<tbody>
<% host.handshakes.certs.each do |cert| %>
<% host[:handshakes][:certs].each do |cert| %>
<tr>
<th>
<%= cert.subject %> [<%= cert.serial %>]
<div class="small"><%= cert.fingerprint %></div>
<%= cert[:subject] %> [<%= cert[:serial] %>]
<div class="small"><%= cert[:fingerprint] %></div>
</th>
<td><%= cert.issuer %></td>
<td><%= l cert.lifetime.not_before %></td>
<td><%= l cert.lifetime.not_after %></td>
<td><%= states cert.states %></td>
<td><%= cert[:issuer] %></td>
<td><%= l cert[:lifetime][:not_before] %></td>
<td><%= l cert[:lifetime][:not_after] %></td>
<td><%= states cert[:states] %></td>
</tr>
<% cert.chain.each do |cert| %>
<tr>
<th>
<%= cert.subject %> [<%= cert.serial %>]
<div class="small"><%= cert.fingerprint %></div>
</th>
<td><%= cert.issuer %></td>
<td><%= l cert.lifetime.not_before %></td>
<td><%= l cert.lifetime.not_after %></td>
</tr>
<% end %>
<% cert[:chain].each do |cert| %>
<tr>
<th>
<%= cert[:subject] %> [<%= cert[:serial] %>]
<div class="small"><%= cert[:fingerprint] %></div>
</th>
<td><%= cert[:issuer] %></td>
<td><%= l cert[:lifetime][:not_before] %></td>
<td><%= l cert[:lifetime][:not_after] %></td>
</tr>
<% end %>
<% end %>
</tbody>
</table>
</div>
</div-->
<div class="row">
<div class="col-sm-12">
<table class="table table-bordered table-condensed table-striped center">
<thead>
<tr>
<th rowspan="2"><%= t 'Name' %></th>
<th colspan="2"><%= t 'Key exchange' %></th>
<th colspan="2"><%= t 'Authentication' %></th>
<th colspan="4"><%= t 'Encryption' %></th>
<th colspan="2"><%= t 'MAC' %></th>
<th rowspan="2"><%= t 'PFS' %></th>
</tr>
<tr>
<th><%= t 'Type' %></th>
<th><%= t 'Key size' %></th>
<th><%= t 'Type' %></th>
<th><%= t 'Key size' %></th>
<th><%= t 'Type' %></th>
<th><%= t 'Key size' %></th>
<th><%= t 'Block size' %></th>
<th><%= t 'Mode' %></th>
<th><%= t 'Type' %></th>
<th><%= t 'Size' %></th>
</tr>
</thead>
<tbody>
<%
handshakes = host[:handshakes]
all_ciphers = handshakes[:ciphers].group_by { |c| c[:protocol] }
CryptCheck::Tls::Method.each do |protocol|
ciphers = all_ciphers.fetch(protocol, [])
.collect { |c| CryptCheck::Tls::Cipher.new protocol, c[:name] }.sort
unless ciphers.empty? %>
<tr>
<th colspan="12"><%= protocol_label protocol %></th>
</tr>
<% ciphers.each do |cipher|
kex = cipher.kex
auth = cipher.auth
enc = cipher.encryption
mac = cipher.hmac
pfs = cipher.pfs?
%>
<tr>
<th><%= cipher_name_label cipher %></th>
<%= cipher_kex_type_cell kex %>
<th/>
<%#= cipher_kex_size_cell kex&.last %>
<%= cipher_auth_type_cell auth %>
<th/>
<%#= cipher_auth_size_cell auth&.last %>
<%= cipher_enc_type_cell enc[0] %>
<%= cipher_enc_key_size_cell enc[1] %>
<%= cipher_enc_block_size_cell enc[2] %>
<%= cipher_enc_mode_cell enc[3] %>
<%= cipher_mac_type_cell mac[0] %>
<%= cipher_mac_size_cell mac[1] %>
<%= cipher_pfs_cell pfs %>
</tr>
<% end end end %>
</tbody>
</table>
</div>

View File

@ -0,0 +1,156 @@
<div class="container">
<div class="row">
<div class="col-sm-11">
<h1>
[<%= self.type.to_s.upcase %>] <%= @host %> <span class="small">(<%= l @result.date %>)</span>
</h1>
</div>
<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
<div class="col-sm-1">
<%= link_to t('Refresh'), {action: :refresh}, class: %i(btn btn-default) %>
</div>
<% end %>
</div>
<%
@result.hosts.each do |host|
if host.error
error, host = host.error, host.host
%>
<div class="row">
<div class="col-sm-12">
<h2><%= host.name %> - <%= host.ip %> : <%= host.port %></h2>
<%= t 'Error during analysis:' %>
<span class="label label-error"><%= error %></span>
</div>
</div>
<%
else
host, grade, handshake = host.host, host.grade, host.handshake
%>
<div class="row">
<div class="col-sm-12">
<h2><%= host.name %> - <%= host.ip %> : <%= host.port %></h2>
</div>
</div>
<div class="row">
<div class="col-sm-6">
<table class="table table-bordered table-condensed table-striped">
<thead>
<tr>
<th colspan="2">
Scores
<%= rank_label grade.rank %>
</th>
</tr>
</thead>
<tbody>
<%
{ 'Protocol' => 'protocol',
'Key exchange' => 'key_exchange',
'Cipher' => 'cipher_strengths',
'Overall' => 'score'}.each do |name, v| %>
<tr>
<th class="col-sm-4"><%= t name %></th>
<td class="col-sm-8"><%= score_progress grade.details[v] %></td>
</tr>
<% end %>
</tbody>
</table>
</div>
<div class="col-sm-6">
<table class="table table-bordered table-condensed table-striped">
<tbody>
<tr>
<th class="col-sm-4"><%= t 'Protocols' %></th>
<td class="col-sm-8"><%= protocol_labels handshake.protocols %></td>
</tr>
<tr>
<th><%= t 'Keys' %></th>
<td>
<p><%= t 'Certificates:' %> <%= key_label handshake[:key] %></p>
<p>Diffie Hellman : <%= key_labels handshake.dh %></p>
</td>
</tr>
<% { 'Good practices' => :success,
'Warning' => :warning,
'Critical' => :danger,
'Fatal' => :error }.each do |name, color|
names = grade[color]
next if names.nil? or names.empty?
%>
<tr>
<th><%= t name %></th>
<td>
<% names.each do |name| %>
<span class="label label-<%= color %>"><%= name.upcase %></span>
<% end %>
</td>
</tr>
<% end %>
</tbody>
</table>
</div>
</div>
<div class="row">
<div class="col-sm-12">
<table class="table table-bordered table-condensed table-striped center">
<thead>
<tr>
<th rowspan="2"><%= t 'Name' %></th>
<th colspan="2"><%= t 'Key exchange' %></th>
<th colspan="2"><%= t 'Authentication' %></th>
<th colspan="4"><%= t 'Encryption' %></th>
<th colspan="2"><%= t 'MAC' %></th>
<th rowspan="2"><%= t 'PFS' %></th>
</tr>
<tr>
<th><%= t 'Type' %></th>
<th><%= t 'Key size' %></th>
<th><%= t 'Type' %></th>
<th><%= t 'Key size' %></th>
<th><%= t 'Type' %></th>
<th><%= t 'Key size' %></th>
<th><%= t 'Block size' %></th>
<th><%= t 'Mode' %></th>
<th><%= t 'Type' %></th>
<th><%= t 'Size' %></th>
</tr>
</thead>
<tbody>
<% CryptCheck::Tls::Server::EXISTING_METHODS.each do |protocol|
ciphers = CryptCheck::Tls::Cipher.sort(handshake.ciphers.select { |c| c.protocol == protocol.to_s }
.collect { |c| CryptCheck::Tls::Cipher.new protocol, [c.name, nil, c[:size]], c.dh, handshake[:key] })
unless ciphers.empty? %>
<tr>
<th colspan="12"><%= protocol_label protocol %></th>
</tr>
<% ciphers.each do |cipher|
params = cipher.params
kex = params[:kex]
auth = params[:auth]
enc = params[:enc]
mac = params[:mac]
pfs = params[:pfs]
%>
<tr>
<th><%= cipher_name_label cipher %></th>
<%= cipher_kex_type_cell kex&.first %>
<%= cipher_kex_size_cell kex&.last %>
<%= cipher_auth_type_cell auth&.first %>
<%= cipher_auth_size_cell auth&.last %>
<%= cipher_enc_type_cell enc&.first %>
<%= cipher_enc_key_size_cell enc&.[] 1 %>
<%= cipher_enc_block_size_cell enc&.[] 2 %>
<%= cipher_enc_mode_cell enc&.last %>
<%= cipher_mac_type_cell mac&.first %>
<%= cipher_mac_size_cell mac&.last %>
<%= cipher_pfs_cell pfs %>
</tr>
<% end end end %>
</tbody>
</table>
</div>
</div>
<% end
end %>
</div>

View File

@ -4,37 +4,36 @@
<thead>
<tr>
<th rowspan="2"><%= t 'Name' %></th>
<th rowspan="2"><%= t 'Key exchange' %></th>
<th rowspan="2"><%= t 'Authentication' %></th>
<th rowspan="2"><%= t 'Key exchange' %></th>
<th colspan="4"><%= t 'Encryption' %></th>
<th colspan="2"><%= t 'MAC' %></th>
<th rowspan="2"><%= t 'PFS' %></th>
</tr>
<tr>
<th><%= t 'Type' %></th>
<th><%= t 'Key size' %></th>
<th><%= t 'Block size' %></th>
<th><%= t 'Key size' %></th>
<th><%= t 'Mode' %></th>
<th><%= t 'Type' %></th>
<th><%= t 'Size' %></th>
</tr>
</thead>
<tbody>
<% CryptCheck::Tls::Cipher.list.each do |cipher|
params = cipher.params
kex = params[:kex]
auth = params[:auth]
enc = params[:enc]
mac = params[:mac]
pfs = params[:pfs]
<% CryptCheck::Tls::Cipher[:TLSv1_2].each do |cipher|
kex = cipher.kex
auth = cipher.auth
enc = cipher.encryption
mac = cipher.hmac
pfs = cipher.pfs?
%>
<tr>
<th><%= cipher_name_label cipher %></th>
<%= cipher_kex_type_cell kex&.first %>
<%= cipher_auth_type_cell auth&.first %>
<%= cipher_auth_type_cell auth %>
<%= cipher_kex_type_cell kex %>
<%= cipher_enc_type_cell enc&.first %>
<%= cipher_enc_key_size_cell enc&.[] 1 %>
<%= cipher_enc_block_size_cell enc&.[] 2 %>
<%= cipher_enc_block_size_cell enc&.[] 1 %>
<%= cipher_enc_key_size_cell enc&.[] 2 %>
<%= cipher_enc_mode_cell enc&.last %>
<%= cipher_mac_type_cell mac&.first %>
<%= cipher_mac_size_cell mac&.last %>

View File

@ -3,7 +3,7 @@ class HTTPSWorker < CheckWorker
protected
def analyze(host, port=443)
CryptCheck::Tls::Https::Host.new host, port
CryptCheck::Tls::Https.analyze host, port
end
def type

View File

@ -11,12 +11,10 @@ if ENV['RAILS_ENV'] == 'development'
end
require 'sidekiq'
options = {
url: ENV['REDIS_URL'],
namespace: :cryptcheck
}
client = Sidekiq::Client.new Sidekiq::RedisConnection.create options
redis = ENV['REDIS_URL']
Sidekiq.configure_server { |c| c.redis = { url: redis } }
Sidekiq.configure_client { |c| c.redis = { url: redis } }
clazz, *args = ARGV
clazz += 'Worker'
client.push({ 'class' => clazz, 'args' => args })
Sidekiq::Client.push({ 'class' => clazz, 'args' => args, 'retry' => false })

View File

@ -1,3 +1,4 @@
#!/bin/bash
DIR="$(readlink -m "$(dirname "$0")")"
LD_LIBRARY_PATH="${DIR}/../../cryptcheck/lib" "${0}.rb" $*
DIR="$(readlink -e "$(dirname "${0}")")"
export LD_LIBRARY_PATH="$(readlink -e "${DIR}/../../cryptcheck/lib")"
"${0}.rb" $*

View File

@ -35,8 +35,9 @@ module CryptcheckRails
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
config.i18n.default_locale = :fr
config.i18n.available_locales = %w(en fr de)
config.i18n.default_locale = :en
config.i18n.available_locales = %i[en fr de]
config.i18n.fallbacks = true
config.action_controller.include_all_helpers = false
config.refresh_delay = 1.hour

View File

@ -4,9 +4,9 @@ en:
Cipher suite: Cipher suite
"Cipher suite:": "Cipher suite:"
Check your domain: Check your domain
Check your SSH server: Check your SSH server
Check your SMTP server: Check your SMTP server
Check This domain: Check This domain
Check This SSH server: Check This SSH server
Check This SMTP server: Check This SMTP server
Test me!: Test me!
Currently analysing %{host}: Currently analysing %{host}
@ -43,6 +43,36 @@ en:
Block size: Block size
Size: Size
Status: Status
Not supported: Not supported
"Serial: %{serial}": "Serial: %{serial}"
alert:
critical:
sslv2: This server supports SSLv2
sslv3: This server supports SSLv3
dh: This server supports very weak DH parameters
anonymous: This server supports anonymous ciphers
"null": This server supports NULL ciphers
export: This server supports EXPORT ciphers
des: This server supports DES ciphers
md5: This server supports MD5 ciphers
rc4: This server supports RC4 ciphers
sweet32: This server is vulnerable to Sweet32 attack
error:
dh: This server supports weak DH parameters
tlsv1_0: This server supports TLSv1.0
pfs: This server supports no-PFS ciphers
warning:
tlsv1_1: This server supports TLSv1.1
dhe: This server supports DHE ciphers
hsts: This server doesn't support HSTS
good:
hsts: This server supports HSTS
fallback_scsv: This server supports SCSV fallback
aead: This server supports AEAD ciphers
best:
great:
hsts: This server supports HSTS with long duration

View File

@ -48,6 +48,7 @@ fr:
Checks: Vérifications
Severity: Sévèrité
Certificates: Certificats
Subject: Sujet
Serial: Numéro de série