SSL Labs
This document provides guidance on how to integrate SSL Labs with Google SecOps.
Configure SSL Labs integration in Google Security Operations
For detailed instructions on how to configure an integration in Google SecOps, see Configure integrations.
Actions
Analyse Entity
Description
Analyse a host or a URL.
Parameters
N/A
Use cases
N/A
Run On
This action runs on the following entities:
- URL
- Hostname
Action Results
Entity Enrichment
| Enrichment Field Name | Logic-When to apply |
|---|---|
| status | Returns if it exists in JSON result |
| protocol | Returns if it exists in JSON result |
| criteriaVersion | Returns if it exists in JSON result |
| isPublic | Returns if it exists in JSON result |
| testTime | Returns if it exists in JSON result |
| hosts | Returns if it exists in JSON result |
| certs | Returns if it exists in JSON result |
| ocspURIs | Returns if it exists in JSON result |
| crlRevocationStatus | Returns if it exists in JSON result |
| commonNames | Returns if it exists in JSON result |
| altNames | Returns if it exists in JSON result |
| raw | Returns if it exists in JSON result |
| keySize | Returns if it exists in JSON result |
| mustStaple | Returns if it exists in JSON result |
| sct | Returns if it exists in JSON result |
| sgc | Returns if it exists in JSON result |
| id | Returns if it exists in JSON result |
| issues | Returns if it exists in JSON result |
| subject | Returns if it exists in JSON result |
| keyAlg | Returns if it exists in JSON result |
| keyStrength | Returns if it exists in JSON result |
| notBefore | Returns if it exists in JSON result |
| notAfter | Returns if it exists in JSON result |
| keyKnownDebianInsecure | Returns if it exists in JSON result |
| dnsCaa | Returns if it exists in JSON result |
| ocspRevocationStatus | Returns if it exists in JSON result |
| pinSha256 | Returns if it exists in JSON result |
| revocationInfo | Returns if it exists in JSON result |
| sha256Hash | Returns if it exists in JSON result |
| revocationStatus | Returns if it exists in JSON result |
| sigAlg | Returns if it exists in JSON result |
| serialNumber | Returns if it exists in JSON result |
| issuerSubject | Returns if it exists in JSON result |
| startTime | Returns if it exists in JSON result |
| engineVersion | Returns if it exists in JSON result |
| endpoints | Returns if it exists in JSON result |
| sims | Returns if it exists in JSON result |
| results | Returns if it exists in JSON result |
| lists | Returns if it exists in JSON result |
| dhPrimes | Returns if it exists in JSON result |
| fallbackScsv | Returns if it exists in JSON result |
| hpkpRoPolicy | Returns if it exists in JSON result |
| pins | Returns if it exists in JSON result |
| status | Returns if it exists in JSON result |
| directives | Returns if it exists in JSON result |
| matchedPins | Returns if it exists in JSON result |
| rc4WithModern | Returns if it exists in JSON result |
| dhYsReuse | Returns if it exists in JSON result |
| openSSLLuckyMinus20 | Returns if it exists in JSON result |
| hasSct | Returns if it exists in JSON result |
| supportsAlpn | Returns if it exists in JSON result |
| dhUsesKnownPrimes | Returns if it exists in JSON result |
| hpkpPolicy | Returns if it exists in JSON result |
| port | Returns if it exists in JSON result |
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| success | True/False | success:False |
JSON Result
[
{
"EntityResult": {
"status": "READY",
"protocol": "http",
"criteriaVersion": "2009p",
"isPublic": false,
"testTime": 1548163096137,
"host": "https://www.siemplify.co",
"certs": [{
"ocspURIs": ["http://ocsp.int-x3.letsencrypt.org"],
"crlRevocationStatus": 4,
"commonNames": ["www.siemplify.co"],
"altNames": ["www.siemplify.co"],
"raw": "-----BEGIN CERTIFICATE-----\\nMIIFWDCCBECgAwIBAgISA5qP6yPO3cbn1jut2q32WO1YMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNV\\r\\nBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQDExpMZXQncyBFbmNyeXB0IEF1\\r\\ndGhvcml0eSBYMzAeFw0xODEyMTkyMDU5MjRaFw0xOTAzMTkyMDU5MjRaMBsxGTAXBgNVBAMTEHd3\\r\\ndy5zaWVtcGxpZnkuY28wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCVwGgI4e7VODR\\r\\nHpvnle2ACrxB4I/lu1w7UTQ+ToTH4YHf4QSphKIeIgKgTvFDO9XyDAeHHBrlQJi9gUpb4UMvqe0k\\r\\nhtusaoEtOxooyS/MriYmyb0jH6DN/+iFUz51V/TGSBiuMQOT0Xr0Pd+O1NTnScfPvZAkhA922GzN\\r\\n34A3UUrckPROod9rhyk3VVGzBiyGM0Ug/YZA/CR2KBdx44TEif5x3r5gM9Y6tVJCwpb1P8u4ih2B\\r\\nhGQfcsk9lVLhAc3CA2RuoNiJMhnSPcq0Z6Ena6HZFP50kmyC+I+nOA6maPqd2sVziLRfx/6KQ64b\\r\\nvaxmfh2JVin9HDA0s+k7FH47AgMBAAGjggJlMIICYTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw\\r\\nFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBeENk9Ff8ytmywZ\\r\\nriIf/+Dxh0PhMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw\\r\\nYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEF\\r\\nBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wGwYDVR0RBBQwEoIQd3d3\\r\\nLnNpZW1wbGlmeS5jbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsG\\r\\nAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA\\r\\n8AB2AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABZ8h7B8gAAAQDAEcwRQIhALDG\\r\\nUqy3IKM5RDiC2gFQcLni9zPU0K+/emeoakaySTBQAiBKbOuHwAPc5o7K9IaQBmoBGysmSkiB2ZYS\\r\\ntN92RVmqjQB2AGPy283oO8wszwtyhCdXazOkjWF3j711pjixx2hUS9iNAAABZ8h7BdQAAAQDAEcw\\r\\nRQIhAPy8EuaFcMgeoGsrD9CK//6YoKnnnoSrBVbXDQM6DkCAAiB6iA1dre97fiuKEoeAKlmn6kha\\r\\nIbMdm4RYL9eA1EtTRDANBgkqhkiG9w0BAQsFAAOCAQEAJSzdIKyiC73v9oe9CABOz2GoZK4wUdnb\\r\\nLI5MupWv2rgZn0Co9gT/9R8mfKjq3ekdzesvhFzGGO6zIi5sHr8zxI2PyjuyLloFfI3EGsBjdDqI\\r\\nNUrpGrr/85+jk0eC2AG7ThA1ryJIApaU790f+e7uIu5ceA7WhwMpGJWF+TWhOSS5lLHhKJ3Ah4C4\\r\\nDErkeXUVpJUp+0VbE8bsigZ2jJh7eI2RsOmG8gHrTW4qPTQGeZFadR3Sfeq4mifk088Uyw3tF3eL\\r\\n9buXQWXi5o2mEsAPUpKTZFeYZqaEGQOM5RCOyO3kN/+OSJNHU+SjQn2SvyMRCCMMj7pAoMlyjvS7\\r\\nVglJKg==\\r\\n-----END CERTIFICATE-----\\n",
"keySize": 2048,
"mustStaple": false,
"sct": true,
"sgc": 0,
"id": "236a2b12c7f9384f5907724502b8635bc86f4281a543b9d77b7a5a87d1feed2d",
"issues": 0,
"subject": "CN=www.siemplify.co",
"keyAlg": "RSA",
"keyStrength": 2048,
"notBefore": 1545253164000,
"notAfter": 1553029164000, "sha1Hash":
"22a53bd913fca0bc60cd5d6e577271585019b2b4",
"keyKnownDebianInsecure": false,
"dnsCaa": false,
"ocspRevocationStatus": 2,
"pinSha256": "KBlMyqNKhogFXSV1X6/xpt62dfut1th0XspgxFAtgSY=",
"revocationInfo": 2,
"sha256Hash": "236a2b12c7f9384f5907724502b8635bc86f4281a543b9d77b7a5a87d1feed2d",
"revocationStatus": 2,
"sigAlg": "SHA256withRSA",
"serialNumber": "039a8feb23ceddc6e7d63baddaadf658ed58",
"issuerSubject": "CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US"
}],
"startTime": 1548162999719,
"engineVersion": "1.32.13",
"endpoints": [{
"gradeTrustIgnored": "A",
"grade": "A",
"hasWarnings": false,
"serverName": "1.1.1.1.bc.googleusercontent.com",
"delegation": 2,
"details": {
"sims": {
"results": [{
"errorCode": 1,
"sigAlg": "SHA256withRSA",
"attempts": 0,
"client": {
"version": "2.3.7",
"isReference": false,
"id": 56,
"name": "Android"
},
"errorMessage": "Protocol mismatch (not simulated)"
}]},
"poodleTls": 1,
"freak": false,
"sessionTickets": 1,
"compressionMethods": 0,
"suites": [{
"list": [{
"cipherStrength": 256,
"namedGroupName": "secp256r1",
"name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"namedGroupId": 23,
"namedGroupBits": 256,
"kxStrength": 3072,
"kxType": "ECDH",
"id": 49172
}],
"protocol": 770,
"preference": true
},{
"protocol": 771,
"preference": true
}],
"dhPrimes": [ "889c6c058890bda62ced33f067eaf414568910838d4bdc23e3dbef17caf5cf117c1b48f0dd74b03b193af42d011a4b7fde725dc6ab97897a81e0ee81e1af420ce716cec48a862d4f8193709df4c59837c8a5f73006147b3c0b8d531074c83f9c94914150eb29b855d0f93b5c9b125b5eb3a21e2a638eebc50a517872af93dafbecfa137c379139272a0ecbfd5a2b3bba2f2555540a0cd2cec215b2701beaaad208c6ac3e1be79e319f39ccb2d9e1ab21d4a40e5db817bc3baa5d656bdc6764da4d4e750a5db7a0a2c724cb376f6a7a7ef1e4e58ebcdd886fdc25241c76941eaf3197ada60ca0ada91767eb0193c86eb9b9670a46511c3250f5575e04abd5e8cb"
],
"fallbackScsv": true,
"hpkpRoPolicy": {
"pins": [],
"status": "absent",
"directives": [],
"matchedPins": []
},
"rc4WithModern": false,
"dhYsReuse": false,
"openSSLLuckyMinus20": 1,
"hasSct": 1,
"supportsAlpn": true,
"dhUsesKnownPrimes": 0,
"hpkpPolicy": {
"pins": [],
"status": "absent",
"directives": [],
"matchedPins": []
},
"staticPkpPolicy": {
"serverSignature": "nginx",
"poodle": false,
"hstsPolicy": {
"status": "absent",
"LONG_MAX_AGE": 15552000,
"directives": {
}},
"ocspStapling": false,
"protocols": [{
"version": "1.1",
"id": 770,
"name": "TLS"
}],
"ticketbleed": 1,
"forwardSecrecy": 4,
"miscIntolerance": 0,
"hstsPreloads": [{
"status": "absent",
"source": "Chrome",
"hostname": "www.siemplify.co",
"sourceTime": 1548162600888}],
"drownVulnerable": false,
"ecdhParameterReuse": false,
"vulnBeast": false,
"drownHosts": [],
"certChains": [{
"trustPaths": [{
"trust": [{
"isTrusted": true,
"rootStore": "Windows"
}],
"certIds": [ "236a2b12c7f9384f5907724502b8635bc86f4281a543b9d77b7a5a87d1feed2d", "25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d", "0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739"
]}],
"noSni": false,
"issues": 0
}],
"prefixDelegation": true,
"supportsAead": true,
"alpnProtocols": "h2 http/1.1",
"logjam": false,
"renegSupport": 2,
"heartbleed": false,
"heartbeat": true,
"sniRequired": true,
"sessionResumption": 2,
"httpStatusCode": 200,
"nonPrefixDelegation": false,
"rc4Only": false,
"openSslCcs": 1,
"bleichenbacher": 1,
"httpTransactions": [{
"requestLine": "GET / HTTP/1.1",
"requestHeaders": [
"Host: www.siemplify.co",
"User-Agent: SSL Labs (https://www.ssllabs.com/about/assessment.html); on behalf of XXX.XXX.XXX.XXX",
"Accept: */*"
],
"requestUrl": "https://www.siemplify.co/",
"fragileServer": false,
"responseLine": "HTTP/1.1 200 OK",
"responseHeadersRaw": [
"Server: nginx",
"Date: Tue, 22 Jan 2019 13:16:44 GMT",
"Content-Type: text/html; charset=UTF-8"
],
"responseHeaders": [{
"name": "Server",
"value": "nginx"
}],
"statusCode": 200
}],
"supportsRc4": false,
"drownErrors": false,
"hostStartTime": 1548162999719,
"protocolIntolerance": 0,
"supportsNpn": true,
"namedGroups": {
"list": [{
"namedGroupType": "EC",
"bits": 283,
"id": 10,
"name": "sect283r1"
}],
"preference": true
},
"npnProtocols": "h2 http/1.1"
},
"isExceptional": false,
"duration": 96329,
"progress": 100,
"ipAddress": "1.1.1.1",
"statusMessage": "Ready"
}],
"port": 443
},
"Entity": "https://www.siemplify.co"
}
]
Ping
Description
Test connectivity to SSL Labs.
Parameters
N/A
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| success | True/False | success:False |
JSON Result
N/A
Need more help? Get answers from Community members and Google SecOps professionals.