Summary

Article ID:360033187951
2 minute readKnowledge base
On this page

This article describes how to verify what SSL protocols your CloudBees CD (CloudBees Flow) server supports.

Solution

You can get this information using these methods.

Method 1 - Check supported SSL protocols using nmap utility

For Linux:

  • Install the utility nmap. On Ubuntu, you can do this using command

      sudo apt-get install nmap

  • Execute the following command

      nmap --script ssl-enum-ciphers -p8443 > ssl_protocols_supported.txt

Running this command from the client to the server endpoint will show the SSL ciphers available on the server for the various SSL protocols.

  • Check supported SSL protocols in ssl_protocols_supported.txt file

Method 2 - Check supported SSL protocols using openssl utility

You can use openssl to verify if the server supports that protocol like SSLv3, TLSv1.2 etc.

For Linux:

  • Run "openssl s_client -help" to see to see the different options and openssl supported protocols. It would show options like:

      -ssl2 - just use SSLv2
  -ssl3 - just use SSLv3
  -tls1 - just use TLSv1
  -dtls1 - just use DTLSv1
  -tls1_2 - just use TLSv1.2

  • Specify the option for the protocol that you would like to use and execute commands from below example with this option. For example, for TLSv1.2 protocol

      sudo -i

    then

      export LD_LIBRARY_PATH=/opt/electriccloud/electriccommander/lib && /opt/electriccloud/electriccommander/bin/openssl s_client -connect :8443 -tls1_2 > connect_handshake.txt 2>&1

    Try to use Ctrl+C if the second command is not completing

  • Examine output in file connect_handshake.txt. CloudBees CD (CloudBees Flow) server supports specified SSL protocol if the SSL handshake was successful.

For Windows:

  • Run cmd.exe as Administrator

  • Run "openssl s_client -help" to see to see the different options and openssl supported protocols. It would show options like:

      -ssl2 - just use SSLv2
  -ssl3 - just use SSLv3
  -tls1 - just use TLSv1
  -dtls1 - just use DTLSv1
  -tls1_2 - just use TLSv1.2

  • Specify the option for the protocol that you would like to use and execute command from below example with this option. For example, for TLSv1.2 protocol

      set LD_LIBRARY_PATH="c:\Program Files\Electric Cloud\ElectricCommander\lib" && "c:\Program Files\Electric Cloud\ElectricCommander\bin\openssl.exe" "s_client" "-connect" "" "-tls1_2" > connect_handshake.txt

Try to use Ctrl+C if the command is not completing

  • Examine output in file connect_handshake.txt. CloudBees CD (CloudBees Flow) server supports specified SSL protocol if the SSL handshake was successful.

Applies to

Product versions: All

OS versions: Linux, Windows