In view of COVID-19 precaution measures, we remind you that ImmuniWeb Platform allows to easily configure and safely buy online all available solutions in a few clicks.
https://www.immuniweb.com/ssl/api/v1/check/[ustamp].html - where "ustamp" is an arbitrary UNIX time-stamp (must be an integer). Such construction is done to prevent caching on client side.
POST Data Specification
Field Name
Value
api_key
secret token which you submit alongside with the request
domain
must be a valid domain name, or IP address, followed by a port number. If port is not supplied, 443 is used by default.
show_test_results
"false" means that test results will be hidden, "true" means that test results will be displayed in statistics.
choosen_ip
IP address of tested server (if tested domain resolves to multiple addresses).
recheck
"false" will use results from cache if the server has been tested within the past 24 hours, "true" will perform a new test without looking at the cache.
verbosity
1 means output will be detailed, 0 means output will be short.
token
value of the token sent by the server if the tested domain is resolved into several IP addresses.
{ "job_id":"2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc", "status":"in_progress", "status_id":2, "eta":2, "message":"Your test is in progress" }
Secure Sockets Layer (SSL) is a family of network protocols aimed to encrypt data transmission over other, higher level, protocols that transport web content, email or other types of information. Today SSL is considered obsolete and insecure, and is now replaced with a newer TLS (Transport Layer Security) family of protocols. Many people, however, still use the SSL acronym interchangeably with TLS. Billions of people unwittingly use SSL/TLS in a daily manner, for example, when they visit an HTTPS website, they are relying on TLS encryption when sending and receiving the data from the web server where the website is hosted.
Q
How does SSL work?
A
Secure Sockets Layer (SSL) is now replaced by a more secure TLS (Transport Layer Security) family of data encryption protocols. They serve to wrap digitally transmitted data (e.g. emails or HTTP requests sent to a website) sent over a network to prevent data interception and falsification. You may consider SSL encryption to be a sealed and unbreakable envelope to protect content of your letter sent by a public postal service.
Q
What is SSL certificate?
A
From a technical standpoint, SSL certificate is a file stored on the server. From a practical standpoint, SSL certificate is a key to encrypt and decrypt information sent or received by a web, email or other servers with SSL/TLS encryption enabled. Furthermore, some SSL certificates may also confirm identity of the website owner, ensuring its visitors that they deal with the genuine website they can trust.
Q
How to check SSL certificate?
A
You may inspect and check SSL certificate of a website just by clicking on the green (grey or blue) lock icon on the left side of your browser’s address bar. Your web browser will display all available information about the SSL certificate. You may also check validity and correct configuration of your SSL certificate by running a free SSL security test operated by ImmuniWeb Community Edition.
Q
Why SSL certificate is required for website?
A
SSL certificate is required to allow data encryption between your website and its visitors by using HTTPS encryption. Google, Mozilla and many other companies may warn about insecurity of a website without HTTPS encryption or even block access to such website.
An EV (Extended Validation) SSL certificate also provides a certain degree of trust to your website visitors by ensuring that your organization is a valid and existing business. Recently, however, many organizations and web browsers announced a gradual discontinuity of EV SSL certificates support stating lack of efficiency and exorbitant prices for EV certificates among the main causes of their decision.
Q
Can SSL be decrypted?
A
Some of the inherent cryptographic vulnerabilities (e.g. BEAST or POODLE) or SSL/TLS implementational vulnerabilities (Heartbleed) of SSL/TLS allow decrypting SSL/TLS traffic under some circumstances, usually involving social engineering, vulnerable or misconfigured software on the client or server side. Some variations of MITM (Man-in-the-Middle) attacks also permit intercepting and forging encrypted content under similar set of circumstances.
Q
What is the SSL test and how do I perform it?
A
SSL test aims to illuminate the wide spectrum of configurational, implementational and cryptographical problems inherent to SSL/TLS protocols and underlying software. ImmuniWeb Community Edition provides a free SSL test to detect all known security and cryptographic issues in your SSL/TLS-enabled services (e.g. HTTPS or SMTPS servers) and also test whether PCI DSS, NIST and HIPAA requirements related to SSL are properly implemented.
Q
What is SSL/TLS security testing used for?
A
SSSL/TLS security testing may be used to ensure that regulatory requirements and compliance, including different requirements of PCI DSS, GDPR or NIST, are properly implemented. Furthermore, SSL/TLS security testing ensures that your clients and other websites visitors (in the case of HTTPS encryption) are well protected from MITM attacks and other vectors of data interception. Finally, proper SSL/TLS configuration ensures that modern web and mobile browsers won’t block access to your website considering its insecure. You can test your SSL/TLS security by a free online test provided as a part of ImmuniWeb Community Edition.
This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.
PCI DSS 
