Turn off TLSv1 warning in intermediate and above

Question

Turn off TLSv1 warning in intermediate and above

pancho-villa opened this issue 6 years ago · 1 comments

Hello,

As of June 30th TLSv1 is no longer supported for companies that have to adhere to PCI compliance:

https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls

I was wondering if we can remove the warning for not supporting TLSv1. Or perhaps maybe implement a kind of ignore flag array we can pass in to the command line analyze to skip unnecessary warnings. I'm using this on a domain like this:

`$ python3 analyze.py -l intermediate -t https://www.mydomain.com --nagios
www.mydomain.com:443 has obscure or unknown ssl/tls
and DOES NOT comply with the 'intermediate' level

Changes needed to match the intermediate level:

consider enabling TLSv1`

I have rundeck set to run this task daily but it's currently disabled since this is considered an error. I'd be happy to work on the PR but I thought I'd ask first to see what the best option would be.

Answer 1 · 2018-08-29T11:51:41.000Z

analyze is performing the check against Server Side TLS, so it needs to be removed there before it will get removed here