Invalid result - many ciphers "failed"
Used version: sslscan 1.8.2 precompiled from Ubuntu 14.04 amd64
While using sslscan I noticed that a lot of ciphers were missing compared to the result of https://www.ssllabs.com/ssltest. The missing ciphers were marked in sslscan as "failed"; however, if I connect to the tested server using openssl s_client, the "failed" cipher works without any problems.
Example: sslscan --http --tls1 ssllabs.com:443 marks the cipher "ECDHE-RSA-AES256-GCM-SHA384" as "failed".
Executing "openssl s_client -host ssllabs.com -port 443" results in the cipher ECDHE-RSA-AES256-GCM-SHA384 being used.
This also happens with other ciphers that use SHA256 and SHA384.
Therefore the result of sslscan is unreliable.
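
The sslscan command in the report pins a protocol version with --tls1, while the s_client command pins none, so the two runs are not like-for-like. The following added example (not part of the original report and not sslscan code) uses Python's ssl module to read the protocol version the local OpenSSL assigns to each suite and checks every "Failed" line against the version that was scanned. The sample lines are constructed, and their column layout (status, protocol, bits, cipher) is an assumption.

```python
import ssl

# OpenSSL protocol labels, oldest first; "TLSv1" (assumed scanner label) is TLSv1.0.
ORDER = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2"]
ALIASES = {"TLSv1": "TLSv1.0"}

def suite_min_protocol(name):
    """Return the protocol version the local OpenSSL assigns to a suite, or None."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(name)
    except ssl.SSLError:
        return None  # suite unknown to, or disabled in, this OpenSSL build
    for c in ctx.get_ciphers():
        if c["name"] == name:
            return c["protocol"]
    return None

def usable_under(name, pinned):
    """True/False if the suite exists at the pinned version, None if undecidable."""
    minimum = suite_min_protocol(name)
    pinned = ALIASES.get(pinned, pinned)
    if minimum not in ORDER or pinned not in ORDER:
        return None
    return ORDER.index(minimum) <= ORDER.index(pinned)

def review_failed(scan_text):
    """Map each 'Failed' suite to (scanned protocol, minimum protocol, usable?)."""
    out = {}
    for line in scan_text.splitlines():
        f = line.split()
        # assumed columns: status, protocol, "<n>", "bits", cipher name
        if len(f) == 5 and f[0] == "Failed":
            out[f[4]] = (f[1], suite_min_protocol(f[4]), usable_under(f[4], f[1]))
    return out

# Constructed sample input, not captured scanner output.
SAMPLE = """\
    Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    Failed    TLSv1  256 bits  ECDHE-RSA-AES256-GCM-SHA384
    Failed    TLSv1  256 bits  ECDHE-RSA-AES256-SHA384
"""

if __name__ == "__main__":
    for suite, (pinned, minimum, ok) in review_failed(SAMPLE).items():
        print(f"{suite}: scanned at {pinned}, defined from {minimum}, usable={ok}")
```

A suite reported with usable=False cannot be negotiated at the scanned protocol version by any client, so a comparison run of openssl s_client needs the same protocol flag (for example -tls1) together with -cipher to test the same thing.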