SSLyze v0.11 Released
I just released a new version of SSLyze which brings new features and improvements. As usual, pre-compiled packages available in the release section of the project’s page on GitHub.
Most of the changes were toward making the XML output more consistent and easier to parse. As a consequence, the updated XML formatting will break any application that was processing XML results from the previous version. However, I’ve also generated an XML Schema Definition to help developers work with the XML output.
As described in the changelog, additional new features were implemented, most of them coming from pull requests from various contributors including cjeanneret, arirubinstein, wolfgangkarall and bluec0re. As always, it is pretty cool to see people getting involved!
Full Changelog
- Added support for Postgres StartTLS; see
--starttls=postgres
- Added the
--ca_file
option for specifying a local trust store to validate the server’s certificate - Added the
--quiet
option to hide any text output when using –xml_out - Improved the formatting of the XML output to make it easier to parse and more useful; this will break any tool that was processing the XML output from previous versions, but an XML Schema Definition is now available in SSLyze’s root folder
- Bug fixes for EC certificates, HSTS, XMPP and LDAP
- Updated OpenSSL to 1.0.2a
- Updated Microsoft, Apple and Mozilla trust stores