Does anyone know of an quick and easy to use tool that can scan SSL/TLS certificates? I have a number of internal devices that use default self-signed certs and would like to see which ciphers are supported. Ideally I’d like to be able to give it a list of IP’s and generate a report. I can do this with NMAP wondered if there were other options?
Thanks!
I find SSLScan is fast and easy to use. Nessus is another option (not as fast or easy - also limited to what the license allows you to scan).
Hi, found the same question on google. https://superuser.com/questions/109213/how-do-i-list-the-ssl-tls-cipher-suites-a-particular-website-offers.
Use openssl and build a script. Change the script to make it fit your purpose.
Thanks for the suggestions and pointer!
SSLScan seems to fit the bill. Wrote a simple Powershell script to run against my targeted hosts.
Glad I could help. Is your script something you could share here? I know I’d love to see it and I’m sure many others could benefit from it too.
I just started a new job a few weeks ago so let me clear this with my boss. I am sure its ok, but I want to make sure being relatively new. Again its nothing special since I am pretty rusty with Powershell 
No worries, and definitely no pressure. I was just thinking how useful it can be to look at how someone else tackled a problem when you are trying to solve one of your own. Rusty or not, your idea works for you and that is great!