Command line TLS and SSL tester for any port with machine-readable output
- Stars9.1k
- Forks1.1k
- Open Issues246
GPL-2.0
- Shell
- Perl
- HTML
About testssl.sh
testssl.sh is a command-line tool that checks TLS and SSL support on any port. It probes the ciphers, protocols, and known cryptographic flaws a service accepts, so you can see exactly how strong its encryption is before trusting it.
Results come as clear human-readable output plus CSV, two JSON formats, and HTML for reports and pipelines. It needs no extra setup and works against any SSL/TLS or STARTTLS service, not just web servers on port 443, with command-line flags to scope and shape each test.
Written in bash, it runs on Linux, macOS, the BSDs, and Windows through WSL2, MSYS2, or Cygwin, and ships a Docker image for container-based scans. It is open under GPLv2.
Key features
- Checks TLS and SSL ciphers, protocols, and some cryptographic flaws
- Machine-readable output in CSV, two JSON formats, and HTML
- Tests SSL/TLS-enabled and STARTTLS services on any port
- Runs without extra setup or package installs
- Dockerfile and container image available
Details
- On GitHub since
- 2014
- Platforms
- Linux · macOS · Windows · Docker
- Deployment
- self-hostable · docker
- Output
- CSV · JSON · HTML
- License
- GPLv2
- Language
- bash