/
BLCloud SSL TLS Support Results

BLCloud SSL TLS Support Results

Owned by Jonathan Schmale
Last updated: Jan 16, 2024
3 min read

The results from this test showed: https://www.ssllabs.com/ssltest/analyze.html?d=blcloud.net

Making Changes for Improved Security Ratings

Disable TLS 1.0 and 1.1

Using a Powershell command or Registry editing:

https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#use-powershell-to-disable-tls-10

Enable strong authentication for .NET applications:

Using a Powershell script:

Manage SSL/TLS protocols and cipher suites for AD FS

 

2024-01-16

Overall Rating

A

image-20240116-165249.png

This site works only in browsers with SNI support.

This server supports TLS 1.3.

Chain Issues: None

Common names: *.blcloud.net

Alternative names: *.blcloud.net blcloud.net

Protocols

 

Protocols

 

TLS 1.3

Yes

TLS 1.2

Yes

TLS 1.1

No

TLS 1.0

No

SSL 3

No

SSL 2

No

Cipher Suites

TLS 1.3 (suites in server-preferred order)

TLS_AES_256_GCM_SHA384 (0x1302) ECDH secp384r1 (eq. 7680 bits RSA) FS

 

256

TLS_AES_128_GCM_SHA256 (0x1301)   ECDH x25519 (eq. 3072 bits RSA)   FS

 

128

TLS 1.2 (suites in server-preferred order)

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp384r1 (eq. 7680 bits RSA) FS

 

256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH x25519 (eq. 3072 bits RSA)   FS

 

128

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 2048 bits   FS

 

256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   DH 2048 bits   FS

 

128

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp384r1 (eq. 7680 bits RSA) FS

WEAK

256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)   ECDH x25519 (eq. 3072 bits RSA)   FS

WEAK

128

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH secp384r1 (eq. 7680 bits RSA)   FS

WEAK

256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH x25519 (eq. 3072 bits RSA)   FS

WEAK

128

TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)

WEAK

256

TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)

WEAK

128

TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)

WEAK

256

TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)

WEAK

128

TLS_RSA_WITH_AES_256_CBC_SHA (0x35)

WEAK

256

TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)

WEAK

128

TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)

WEAK

112

2022-10-12

Overall Rating

Protocols

 

Protocols

 

TLS 1.3

No

TLS 1.2

Yes

TLS 1.1

Yes

TLS 1.0

Yes

SSL 3.0

No

SSL 2.0

No

Cipher Suites

TLS 1.2 (suites in server-preferred order)

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)   ECDH secp256r1 (eq. 3072 bits RSA)   FS  

WEAK

256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)   ECDH secp256r1 (eq. 3072 bits RSA)   FS  

WEAK

128

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH secp256r1 (eq. 3072 bits RSA)   FS  

WEAK

256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   ECDH secp256r1 (eq. 3072 bits RSA)   FS  

WEAK

128

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 1024 bits   FS  

WEAK

256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   DH 1024 bits   FS  

WEAK

128

TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)  

WEAK

256

TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)  

WEAK

128

TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)  

WEAK

256

TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)  

WEAK

128

TLS_RSA_WITH_AES_256_CBC_SHA (0x35)  

WEAK

256

TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)  

WEAK

128

TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)  

WEAK

112

TLS_RSA_WITH_RC4_128_SHA (0x5)  

INSECURE

128

TLS_RSA_WITH_RC4_128_MD5 (0x4)  

INSECURE

128

Related content

URL Data Issues
URL Data Issues
Support
More like this
HTTPS
HTTPS
Chameleon
More like this
CBP Wait Times Reader
CBP Wait Times Reader
Chameleon
More like this
Consortium Reader Release Notes
Consortium Reader Release Notes
Chameleon
More like this
The Weather Company Reader Release Notes
The Weather Company Reader Release Notes
Chameleon
More like this
SSL/TLS Certificates
SSL/TLS Certificates
Chameleon
More like this