SSL Labs
Integration version: 8.0
Configure SSL Labs integration in Google Security Operations
For detailed instructions on how to configure an integration in Google SecOps, see Configure integrations.
Actions
Analyse Entity
Description
Analyse a host or a URL.
Parameters
N/A
Use cases
N/A
Run On
This action runs on the following entities:
- URL
- Hostname
Action Results
Entity Enrichment
| Enrichment Field Name | Logic-When to apply |
|---|---|
| status | Returns if it exists in JSON result |
| protocol | Returns if it exists in JSON result |
| criteriaVersion | Returns if it exists in JSON result |
| isPublic | Returns if it exists in JSON result |
| testTime | Returns if it exists in JSON result |
| hosts | Returns if it exists in JSON result |
| certs | Returns if it exists in JSON result |
| ocspURIs | Returns if it exists in JSON result |
| crlRevocationStatus | Returns if it exists in JSON result |
| commonNames | Returns if it exists in JSON result |
| altNames | Returns if it exists in JSON result |
| raw | Returns if it exists in JSON result |
| keySize | Returns if it exists in JSON result |
| mustStaple | Returns if it exists in JSON result |
| sct | Returns if it exists in JSON result |
| sgc | Returns if it exists in JSON result |
| id | Returns if it exists in JSON result |
| issues | Returns if it exists in JSON result |
| subject | Returns if it exists in JSON result |
| keyAlg | Returns if it exists in JSON result |
| keyStrength | Returns if it exists in JSON result |
| notBefore | Returns if it exists in JSON result |
| notAfter | Returns if it exists in JSON result |
| keyKnownDebianInsecure | Returns if it exists in JSON result |
| dnsCaa | Returns if it exists in JSON result |
| ocspRevocationStatus | Returns if it exists in JSON result |
| pinSha256 | Returns if it exists in JSON result |
| revocationInfo | Returns if it exists in JSON result |
| sha256Hash | Returns if it exists in JSON result |
| revocationStatus | Returns if it exists in JSON result |
| sigAlg | Returns if it exists in JSON result |
| serialNumber | Returns if it exists in JSON result |
| issuerSubject | Returns if it exists in JSON result |
| startTime | Returns if it exists in JSON result |
| engineVersion | Returns if it exists in JSON result |
| endpoints | Returns if it exists in JSON result |
| sims | Returns if it exists in JSON result |
| results | Returns if it exists in JSON result |
| lists | Returns if it exists in JSON result |
| dhPrimes | Returns if it exists in JSON result |
| fallbackScsv | Returns if it exists in JSON result |
| hpkpRoPolicy | Returns if it exists in JSON result |
| pins | Returns if it exists in JSON result |
| status | Returns if it exists in JSON result |
| directives | Returns if it exists in JSON result |
| matchedPins | Returns if it exists in JSON result |
| rc4WithModern | Returns if it exists in JSON result |
| dhYsReuse | Returns if it exists in JSON result |
| openSSLLuckyMinus20 | Returns if it exists in JSON result |
| hasSct | Returns if it exists in JSON result |
| supportsAlpn | Returns if it exists in JSON result |
| dhUsesKnownPrimes | Returns if it exists in JSON result |
| hpkpPolicy | Returns if it exists in JSON result |
| port | Returns if it exists in JSON result |
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| success | True/False | success:False |
JSON Result
[ { "EntityResult": { "status": "READY", "protocol": "http", "criteriaVersion": "2009p", "isPublic": false, "testTime": 1548163096137, "host": "https://www.siemplify.co", "certs": [{ "ocspURIs": ["http://ocsp.int-x3.letsencrypt.org"], "crlRevocationStatus": 4, "commonNames": ["www.siemplify.co"], "altNames": ["www.siemplify.co"], "raw": "-----BEGIN CERTIFICATE-----\\nMIIFWDCCBECgAwIBAgISA5qP6yPO3cbn1jut2q32WO1YMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNV\\r\\nBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQDExpMZXQncyBFbmNyeXB0IEF1\\r\\ndGhvcml0eSBYMzAeFw0xODEyMTkyMDU5MjRaFw0xOTAzMTkyMDU5MjRaMBsxGTAXBgNVBAMTEHd3\\r\\ndy5zaWVtcGxpZnkuY28wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCVwGgI4e7VODR\\r\\nHpvnle2ACrxB4I/lu1w7UTQ+ToTH4YHf4QSphKIeIgKgTvFDO9XyDAeHHBrlQJi9gUpb4UMvqe0k\\r\\nhtusaoEtOxooyS/MriYmyb0jH6DN/+iFUz51V/TGSBiuMQOT0Xr0Pd+O1NTnScfPvZAkhA922GzN\\r\\n34A3UUrckPROod9rhyk3VVGzBiyGM0Ug/YZA/CR2KBdx44TEif5x3r5gM9Y6tVJCwpb1P8u4ih2B\\r\\nhGQfcsk9lVLhAc3CA2RuoNiJMhnSPcq0Z6Ena6HZFP50kmyC+I+nOA6maPqd2sVziLRfx/6KQ64b\\r\\nvaxmfh2JVin9HDA0s+k7FH47AgMBAAGjggJlMIICYTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw\\r\\nFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBeENk9Ff8ytmywZ\\r\\nriIf/+Dxh0PhMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw\\r\\nYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEF\\r\\nBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wGwYDVR0RBBQwEoIQd3d3\\r\\nLnNpZW1wbGlmeS5jbzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsG\\r\\nAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA\\r\\n8AB2AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABZ8h7B8gAAAQDAEcwRQIhALDG\\r\\nUqy3IKM5RDiC2gFQcLni9zPU0K+/emeoakaySTBQAiBKbOuHwAPc5o7K9IaQBmoBGysmSkiB2ZYS\\r\\ntN92RVmqjQB2AGPy283oO8wszwtyhCdXazOkjWF3j711pjixx2hUS9iNAAABZ8h7BdQAAAQDAEcw\\r\\nRQIhAPy8EuaFcMgeoGsrD9CK//6YoKnnnoSrBVbXDQM6DkCAAiB6iA1dre97fiuKEoeAKlmn6kha\\r\\nIbMdm4RYL9eA1EtTRDANBgkqhkiG9w0BAQsFAAOCAQEAJSzdIKyiC73v9oe9CABOz2GoZK4wUdnb\\r\\nLI5MupWv2rgZn0Co9gT/9R8mfKjq3ekdzesvhFzGGO6zIi5sHr8zxI2PyjuyLloFfI3EGsBjdDqI\\r\\nNUrpGrr/85+jk0eC2AG7ThA1ryJIApaU790f+e7uIu5ceA7WhwMpGJWF+TWhOSS5lLHhKJ3Ah4C4\\r\\nDErkeXUVpJUp+0VbE8bsigZ2jJh7eI2RsOmG8gHrTW4qPTQGeZFadR3Sfeq4mifk088Uyw3tF3eL\\r\\n9buXQWXi5o2mEsAPUpKTZFeYZqaEGQOM5RCOyO3kN/+OSJNHU+SjQn2SvyMRCCMMj7pAoMlyjvS7\\r\\nVglJKg==\\r\\n-----END CERTIFICATE-----\\n", "keySize": 2048, "mustStaple": false, "sct": true, "sgc": 0, "id": "236a2b12c7f9384f5907724502b8635bc86f4281a543b9d77b7a5a87d1feed2d", "issues": 0, "subject": "CN=www.siemplify.co", "keyAlg": "RSA", "keyStrength": 2048, "notBefore": 1545253164000, "notAfter": 1553029164000, "sha1Hash": "22a53bd913fca0bc60cd5d6e577271585019b2b4", "keyKnownDebianInsecure": false, "dnsCaa": false, "ocspRevocationStatus": 2, "pinSha256": "KBlMyqNKhogFXSV1X6/xpt62dfut1th0XspgxFAtgSY=", "revocationInfo": 2, "sha256Hash": "236a2b12c7f9384f5907724502b8635bc86f4281a543b9d77b7a5a87d1feed2d", "revocationStatus": 2, "sigAlg": "SHA256withRSA", "serialNumber": "039a8feb23ceddc6e7d63baddaadf658ed58", "issuerSubject": "CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US" }], "startTime": 1548162999719, "engineVersion": "1.32.13", "endpoints": [{ "gradeTrustIgnored": "A", "grade": "A", "hasWarnings": false, "serverName": "1.1.1.1.bc.googleusercontent.com", "delegation": 2, "details": { "sims": { "results": [{ "errorCode": 1, "sigAlg": "SHA256withRSA", "attempts": 0, "client": { "version": "2.3.7", "isReference": false, "id": 56, "name": "Android" }, "errorMessage": "Protocol mismatch (not simulated)" }]}, "poodleTls": 1, "freak": false, "sessionTickets": 1, "compressionMethods": 0, "suites": [{ "list": [{ "cipherStrength": 256, "namedGroupName": "secp256r1", "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "namedGroupId": 23, "namedGroupBits": 256, "kxStrength": 3072, "kxType": "ECDH", "id": 49172 }], "protocol": 770, "preference": true },{ "protocol": 771, "preference": true }], "dhPrimes": [ "889c6c058890bda62ced33f067eaf414568910838d4bdc23e3dbef17caf5cf117c1b48f0dd74b03b193af42d011a4b7fde725dc6ab97897a81e0ee81e1af420ce716cec48a862d4f8193709df4c59837c8a5f73006147b3c0b8d531074c83f9c94914150eb29b855d0f93b5c9b125b5eb3a21e2a638eebc50a517872af93dafbecfa137c379139272a0ecbfd5a2b3bba2f2555540a0cd2cec215b2701beaaad208c6ac3e1be79e319f39ccb2d9e1ab21d4a40e5db817bc3baa5d656bdc6764da4d4e750a5db7a0a2c724cb376f6a7a7ef1e4e58ebcdd886fdc25241c76941eaf3197ada60ca0ada91767eb0193c86eb9b9670a46511c3250f5575e04abd5e8cb" ], "fallbackScsv": true, "hpkpRoPolicy": { "pins": [], "status": "absent", "directives": [], "matchedPins": [] }, "rc4WithModern": false, "dhYsReuse": false, "openSSLLuckyMinus20": 1, "hasSct": 1, "supportsAlpn": true, "dhUsesKnownPrimes": 0, "hpkpPolicy": { "pins": [], "status": "absent", "directives": [], "matchedPins": [] }, "staticPkpPolicy": { "serverSignature": "nginx", "poodle": false, "hstsPolicy": { "status": "absent", "LONG_MAX_AGE": 15552000, "directives": { }}, "ocspStapling": false, "protocols": [{ "version": "1.1", "id": 770, "name": "TLS" }], "ticketbleed": 1, "forwardSecrecy": 4, "miscIntolerance": 0, "hstsPreloads": [{ "status": "absent", "source": "Chrome", "hostname": "www.siemplify.co", "sourceTime": 1548162600888}], "drownVulnerable": false, "ecdhParameterReuse": false, "vulnBeast": false, "drownHosts": [], "certChains": [{ "trustPaths": [{ "trust": [{ "isTrusted": true, "rootStore": "Windows" }], "certIds": [ "236a2b12c7f9384f5907724502b8635bc86f4281a543b9d77b7a5a87d1feed2d", "25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d", "0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739" ]}], "noSni": false, "issues": 0 }], "prefixDelegation": true, "supportsAead": true, "alpnProtocols": "h2 http/1.1", "logjam": false, "renegSupport": 2, "heartbleed": false, "heartbeat": true, "sniRequired": true, "sessionResumption": 2, "httpStatusCode": 200, "nonPrefixDelegation": false, "rc4Only": false, "openSslCcs": 1, "bleichenbacher": 1, "httpTransactions": [{ "requestLine": "GET / HTTP/1.1", "requestHeaders": [ "Host: www.siemplify.co", "User-Agent: SSL Labs (https://www.ssllabs.com/about/assessment.html); on behalf of XXX.XXX.XXX.XXX", "Accept: */*" ], "requestUrl": "https://www.siemplify.co/", "fragileServer": false, "responseLine": "HTTP/1.1 200 OK", "responseHeadersRaw": [ "Server: nginx", "Date: Tue, 22 Jan 2019 13:16:44 GMT", "Content-Type: text/html; charset=UTF-8" ], "responseHeaders": [{ "name": "Server", "value": "nginx" }], "statusCode": 200 }], "supportsRc4": false, "drownErrors": false, "hostStartTime": 1548162999719, "protocolIntolerance": 0, "supportsNpn": true, "namedGroups": { "list": [{ "namedGroupType": "EC", "bits": 283, "id": 10, "name": "sect283r1" }], "preference": true }, "npnProtocols": "h2 http/1.1" }, "isExceptional": false, "duration": 96329, "progress": 100, "ipAddress": "1.1.1.1", "statusMessage": "Ready" }], "port": 443 }, "Entity": "https://www.siemplify.co" } ] Ping
Description
Test connectivity to SSL Labs.
Parameters
N/A
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| success | True/False | success:False |
JSON Result
N/A Need more help? Get answers from Community members and Google SecOps professionals.