Lab 05 — TLS Deep Dive¶
Hands-on lab · ← Back to the module concept
Setup¶
This is a reference lab — it ships a one-command environment in the companion
plaintext-labs repo:
git clone https://github.com/plaintext-security/plaintext-labs
cd plaintext-labs/cryptography/05-tls-deep-dive
make up # build nginx with weak config + testssl.sh container
make demo # scan the weak config, show findings, switch to strong config, rescan
make shell # drop into the testssl container
make down # stop when done
Everything runs locally. The nginx server is on the Docker bridge network — no external connections needed.
Scenario¶
Corp's external security assessment found their internal API gateway is running nginx with TLS 1.0 enabled and several weak cipher suites. You have been asked to: reproduce the assessment findings, understand each one, apply the Mozilla "modern" TLS profile, and rescan to confirm the findings are resolved.
Do¶
-
[ ]
make demo— watch testssl.sh scan the weak nginx configuration. Record: which TLS versions are supported, which cipher suites are flagged, and any certificate findings. -
[ ]
make shelland rescan the weak nginx yourself withtestssl.sh, filtering to the serious findings. For each HIGH or CRITICAL: which cipher suite or setting causes it, and which property does it undermine (forward secrecy, authentication, confidentiality)? -
[ ] Open the weak nginx config (
data/nginx-weak.conf) and map each scanner finding back to the specific directive that produces it. Whichssl_protocols/ssl_cipherslines are the root causes? -
[ ] Apply the Mozilla "modern" profile. Use the Mozilla SSL Configuration Generator to derive the correct
ssl_protocols,ssl_ciphers,ssl_prefer_server_ciphers, and HSTS directives, write them intodata/nginx-strong.conf, reload nginx with the strong config (make reload-strong), and rescan. How many findings remain? -
[ ] Inspect the negotiated handshake directly with
openssl s_clientagainst the strong server. What protocol and cipher suite were negotiated, which key-exchange algorithm is in use, and is it forward-secret? -
[ ] Write
tls-audit-report.md: a table with finding name, severity, affected property, weak config directive, and strong config fix for the top five findings.
Success criteria — you're done when¶
- [ ] You identified the weak config's HIGH/CRITICAL findings and their root causes.
- [ ] You applied the Mozilla modern profile and confirmed the findings are resolved.
- [ ] You used
openssl s_clientto inspect the negotiated cipher and protocol. - [ ] You produced a
tls-audit-report.mdwith finding → root cause → fix.
Deliverables¶
tls-audit-report.md — your five-finding table. Commit it.
Automate & own it¶
Required. Write a shell script tls-check.sh that runs testssl.sh against a host:port,
parses the output for HIGH and CRITICAL severity findings, and exits non-zero if any are
found. Wire it into a GitHub Actions workflow that runs the check against a test endpoint on
every PR. Have an AI draft the grep/awk parsing; you verify the exit code is non-zero when
HIGH findings are present.
AI acceleration¶
Paste the testssl.sh output line for a specific HIGH finding into an AI and ask: "What is this TLS finding, what can an attacker do if this is present, and what is the nginx configuration change that fixes it?" Verify the nginx fix against the Mozilla SSL Configuration Generator output for the "modern" profile.
Connects forward¶
The cipher suite knowledge from this module is the foundation for module 06 (PKI & Certificate Management) — a properly configured CA needs to issue certificates with strong signature algorithms — and module 10 (Auditing Applied-Crypto Failures), where you audit a matrix of TLS configurations and score the delta.
Marketable proof¶
"I ran testssl.sh against a weak TLS configuration, identified HIGH/CRITICAL findings, applied the Mozilla modern TLS profile, and confirmed all findings were resolved — producing an audit evidence report."
Stretch¶
- Use Wireshark (or
tcpdump + tshark) to capture the TLS 1.3 handshake and decode the ClientHello. Identify: supported groups, signature algorithms, and ALPN extensions. What does the ServerHello contain? - Research HSTS preloading: what is
includeSubDomainsandpreloadin theStrict-Transport-Securityheader, what is the preload list, and what is the risk of submitting a domain before you're ready?
Comments
Sign in with GitHub to comment. Choose the type: Feedback (errors or suggestions on this page) · Hints (help for fellow learners — no spoilers) · General (anything else).