This project is a web interface for testssl.sh. It can be used to offer internal TLS/SSL configuration check portals, whereever the usual public tools are not applicable.
- Clone the testssl.sh-webfrontend repository with its main dependency testssl.sh by invocation of
git clone --recursive https://github.com/TKCERT/testssl.sh-webfrontend.git
. - Install Python 3 (
apt-get install python3
) and the Python module Flask by runningpip3 install flask
. - Install aha (
apt-get install aha
) - Configure SSLTestPortal.py, especially application.secret_key, in its configuration section and create the required paths (log, result/html and result/json in the default configuration).
- Run SSLTestPortal.py or deploy it as WSGI script.
If you would like to run behind a NGINX Reverse Proxy simply add this to your configuration file in sites-enabled. If you want to add security to it look at nginx module basic_auth.
location /testssl/ {
proxy_pass http://127.0.0.1:5000/;
gzip_types text/plain application/javascript;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 200; # you might need to increase these values depending on your server hardware.
proxy_send_timeout 200; # you might need to increase these values depending on your server hardware.
proxy_read_timeout 200; # you might need to increase these values depending on your server hardware.
send_timeout 200; # you might need to increase these values depending on your server hardware.
}
You still have to autostart the script on boot. This can be done manually in a screen.
Markus Kraus (@vMarkus_K) created a Docker Image.