SSL Analyzer, still in beta...

I would like to know if COMODO SSL Analyzer, will come out from BETA stage any time soon?
Is it still under development? Can we trust in the results (because of the BETA stage)?

yes results are good…its beta only because we haven’t made it pretty…its functional :slight_smile:

LOL… I can leave with the current UI :smiley:

Thanks for this incredible tool (and again, for FREE). :-TU

Hello, I am using SSL ANALYZER (once again, a great tool!) and its saying that I am using SSL 2.0.
SSL ANALYZER itself also tells me that its INSECURE.

How can I turn off SSL 2.0 in IIS 7.0?
I have experince on doing it within IIS 6.x.
But seems that IIS 7.0, the regular procedure is not enough.
I googled a little bit and didnt find a working solution.

How can I disabled SSL 2.0 in IIS 7.0? What registry keys should I modify?
And what ciphers should I use (what would also be the registry keys to modify to achieve strongest cipher use)?

Thank you for any help!

(once again, a great tool!)

Thanks!

How can I turn off SSL 2.0 in IIS 7.0?

its beta only because we haven’t made it pretty

Hey Melih, are you criticizing my rudimentary CSS skills? :wink:

My reason for not taking it out of Beta yet is that I still have a long list of features I’d like to add. I’m not sure it’s quite feature-complete enough to come out of Beta yet.

It is indeed. Some other online tools only give you information that the browser itself gives.
But its very hard to find a toold that gives you SECURITY information about the certificate and the web server config. Keep it up Rob!

I tried that and it doesnt work.
Like I said in my previous post, I googled a little bit and didnt find a working solution (including the link you have sent me).
Could it be a IIS 7.0 bug?

Its good to know that SSL ANALYZER its going to be improved even further. Good news!
Do you know SERVERSNIFF.NET? Also has some cool features.
This are the only 2 tools I found to be reliable and complete.

edit by EricJH: fixed quote structure

But its very hard to find a toold that gives you SECURITY information about the certificate and
the web server config. Keep it up Rob!

:slight_smile:

Could it be a IIS 7.0 bug?

I’d be surprised if it’s a bug. Maybe this will help…

http://www.microsoftiisexperts.com/general/Q_25431959-Disabling-SSLv2-in-IIS7-on-Win-2008-64-bit-machine.jsp
(scroll down to the Accepted Solution at the bottom of this page).

Do you know SERVERSNIFF.NET? Also has some cool features.

Not seen that one before. Thanks!

Ill give a try to what you sent me through the link.
That link I havent seen before, so I might a good start.

About SERVERSNIFF.NET, this would be the link for the SSL analysis:
Startseite - Bundeswehr

Just thought I would give you the right info to see if it helps to develop further CSA (Comodo SSL Analyzer).

Thanks for everything.