SSL/TLS Capabilities of Your Browser
User Agent: CCBot/2.0 (http://commoncrawl.org/faq/)
iOS and OS X TLS Authentication Vulnerability
Please wait, checking if your user agent is vulnerable...
To test manually, click here. If your user agent refuses to connect, you are not vulnerable. This test requires a connection to the SSL Labs server on port 10443. A strict outbound firewall might interfere. You should test Safari running on iOS or OS X. Chrome and Firefox are not vulnerable, even when running on a vulnerable operating system. MORE »
Protocol Features
Protocols*
TLS 1.2 No
TLS 1.1 No
TLS 1.0 Yes
SSL 3 Yes
SSL 2 No
(*) This test reliably detects only the highest supported protocol.


Cipher Suites (in order of preference)
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)   Forward Secrecy 256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   Forward Secrecy 256
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA (0xc005) 256
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA (0xc00f) 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)   Forward Secrecy 256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x38)   Forward Secrecy* 256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)   Forward Secrecy 128
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   Forward Secrecy 128
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004) 128
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e) 128
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)   Forward Secrecy 128
TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x32)   Forward Secrecy* 128
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (0xc007)   Forward Secrecy 128
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)   Forward Secrecy 128
TLS_RSA_WITH_RC4_128_SHA (0x5) 128
TLS_ECDH_ECDSA_WITH_RC4_128_SHA (0xc002) 128
TLS_ECDH_RSA_WITH_RC4_128_SHA (0xc00c) 128
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008)   Forward Secrecy 112
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012)   Forward Secrecy 112
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 112
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc003) 112
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (0xc00d) 112
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16)   Forward Secrecy 112
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x13)   Forward Secrecy* 112
TLS_RSA_WITH_RC4_128_MD5 (0x4) 128
TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0xff) -
(*) Cannot be used for Forward Secrecy because they require DSS keys, which are effectively limited to 1024 bits.


Protocol Details
Server Name Indication (SNI) Yes
Secure Renegotiation Yes
TLS compression No
Session tickets No
OCSP stapling No
Signature algorithms -
Elliptic curves secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1
Next Protocol Negotiation No
Application Layer Protocol Negotiation No
SSL 2 handshake compatibility No