Benchmark: SSL/TLS Server Configuration Best Practices


SSL is the backbone of a secure internet, and it protects sensitive information by establishing authenticated and encrypted links between networked computers. So it is necessary to provide extra effort to configure your SSL server to provide necessary security against complex SSL-related attacks.

This benchmark performs various standard checks on your server configuration, for example:

  • Do my certificates have a complete chain of trusted certificates?
  • Are my servers using insecure cipher suites or protocols?
  • Are perfect forward secrecy and TLS fallback SCSV enabled on my servers?
  • Do my certificates use RSA keys or ECDSA keys that are too large?


Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-net-insights

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select SSL/TLS Server Configuration Best Practices.

Run this benchmark in your terminal:

powerpipe benchmark run net_insights.benchmark.ssl_configuration_best_practices

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run net_insights.benchmark.ssl_configuration_best_practices --share