Python interface and command line client for the SSL Labs APIs.
Switch branches/tags
Nothing to show
Clone or download
jolaf and takeshixx Cached data returned faster; debug logging improved (#9)
* Removed extra sys.exit()s;
_die_on_error() made static;
Minor formatting fixes

* Switched to API v3

* Improved error processing in _handle_api_error()

* Introduced AccessProblem exception to fully replace SystemExit

* Typo fix

* Fixed from_cache requests by adding return_all=done to requests (per API documentation)

* Reverted back to API v2

* Reverted back to API v3

* Unifying of URL parameters order

* Error handling fixed

* errorMessage renamed to error_message

* Minor formatting fix

* _handle_api_error() now returns JSON and prints it for debugging purposes

* Some basic debug logging added

* Exception logging improved

* _trigger_new_assessment() and _poll_api() refactored to allow return of a complete cached result at once if it happens

* Minor fix to logging

* Revert "_handle_api_error() now returns JSON and prints it for debugging purposes"

This reverts commit 8596097.

* Fixied response JSON handling after reverting _handle_api_error() to return Response, not JSON
Latest commit 726f12c May 11, 2018

README.md

python-ssllabs

A Python interface for the Qualys SSL Labs API. It can be used as a command line client for automation tasks or as a module which can be integrated in other projects. It is compatible with Python 2.x/3.x and just depends on the requests module.

Features

  • Resume running assessments.
  • Verbose output, showing progress of running endpoint assessments.
  • Retrieve assessments from cache.

Using the CLI

The CLI by default only prints the scanning results as a JSON object to stdout. It is recommended to parse this output with tools like jq to extract the preferred fields. The following examples show how specific fields can be extracted.

Show only the grade:

$ ssllabs-cli.py --use-cache github.com |jq ".endpoints[] | [.grade, .ipAddress]"             
[
  "A+",
  "192.30.253.112"
]
[
  "A+",
  "192.30.253.113"
]

Check if there are any issues with the provided certificates:

$ ssllabs-cli.py --use-cache github.com |jq -r ".endpoints[] | .details | .chain | .certs[] | .subject, .issues"
CN=github.com,O=GitHub, Inc.,L=San Francisco,ST=California,C=US,2.5.4.17=#13053934313037,STREET=88 Colin P Kelly, Jr Street,2.5.4.5=#130735313537353530,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#0c1450726976617465204f7267616e697a6174696f6e
0
CN=DigiCert SHA2 Extended Validation Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
0
CN=github.com,O=GitHub, Inc.,L=San Francisco,ST=California,C=US,2.5.4.17=#13053934313037,STREET=88 Colin P Kelly, Jr Street,2.5.4.5=#130735313537353530,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#0c1450726976617465204f7267616e697a6174696f6e
0
CN=DigiCert SHA2 Extended Validation Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
0

Terms of Use

This is not an official SSL Labs project. Please make sure to read the official Qualys SSL Labs Terms of Use.

Also you should

  • only inspect sites and servers whose owners have given you permission to do so.
  • be clear that this tool works by sending assessment requests to remote SSL Labs servers and that this information will be shared with them.