How to get a list of ciphers supported by a remote HTTPS server from a Java application?

How to get a list of ciphers supported by a remote server through Java JSSE.

I want to get a list of weak ciphers supported by the remote server so that they can be fixed.

I am using SSLSocket

, which has a method called getSupportedCipherSuites

, but this method returns ciphers that are supported by the client and not the remote server.


source to share

2 answers

  • Enable all weak encryption packages on your client and none of the strong ones.
  • Ask your client to connect and call startHandshake ().
  • If it succeeds, the server has chosen a weak cipher suite, which you can get from SSLSession. Remove this from allowed cipher suites and try again.

All handshakes in (2) that succeed indicate that the corresponding weak cipher packet is enabled on the server. If there is zero, good. If not, print out the following cipher lists and proceed accordingly.



You can try gnutls-cli



All Articles