GitHub - sureshg/badssl.com: Memorable site for testing clients against bad SSL configs.

Visit badssl.com for a list of test subdomains, including:

Server Setup

Stock Ubuntu VM, DNS A records for badssl.com. and *.badssl.com. pointing to the VM.

Push the code into ~/badssl/ on the server:

make deploy

Set up nginx on the server:

sudo apt-get update
sudo apt-get install nginx

# Link repo into /var/www
sudo ln -s "${HOME}/badssl" /var/www/badssl

sudo ln -s /var/www/badssl/config/nginx.conf /etc/nginx/sites-available/badssl
sudo ln -s /etc/nginx/sites-available/badssl /etc/nginx/sites-enabled/badssl

# Make sure the actual keys are in /etc/keys/
sudo service nginx restart

Other Browser Security Test Sites

SSL Labs Test
tls-o-matic.com
certificate.revocationcheck.com
Safe Browsing:
- testsafebrowsing.appspot.com
  - Also, separate domains for phishing and uwd.
- testsafebrowsing.appspot.com/chrome

Use Cases

crbug.com/477868 uses:
- https://self-signed.badssl.com/test/imported.js
XHR ping URLS to test SHA-1 vs. SHA-256 support:
- https://sha256.badssl.com/test/cors/cors.json
- https://sha1.badssl.com/test/cors/cors.json

Name		Name	Last commit message	Last commit date
Latest commit History 117 Commits
certs		certs
common		common
domains		domains
nginx-includes		nginx-includes
Dockerfile		Dockerfile
Makefile		Makefile
README.md		README.md
badssl.com.png		badssl.com.png
nginx.conf		nginx.conf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Server Setup

Other Browser Security Test Sites

Use Cases

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Server Setup

Other Browser Security Test Sites

Use Cases

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages