sslscan_steps provides cucumber step definitions for executing SSL/TLS protocol scans with the sslscan tool.
It uses the sslscan_wrapper gem for interaction with sslscan.
In your Gemfile:
gem 'sslscan_steps'In your support/env.rb:
require 'sslscan_steps'Use the steps in your feature files:
Feature: SSL/TLS protocol parameters
To be a responsible site operator my website must support
state-of-the-art encryption protocols.
Scenario: Host must support strong encryption
Given the target host for sslscan is markusbenning.de
And the target port for sslscan is 443
When the sslscan is executed
Then the scanned hostname is markusbenning.de
Then the scanned host certificate signature algorithm is sha256WithRSAEncryption
Then the scanned host certificate is not self-signed
Then the scanned host certificate is not expired
Then the scanned host is not vulnerable to heartbleed
Then the scanned host must support the cipher ECDHE-RSA-AES128-GCM-SHA256
Then the scanned host must support sslversion TLSv1.2See features/.