SSL/TLS configuration, figure it out!

There are several ways to figure out  the SSL/TLS configuration of a webserver. If you're dealing with an Internet facing server, the quickest solution is to use a webpage like www.ssllabs.com or www.serversniff.net (Webserver -> SSL Info). SSLLabs will give a "management friendly" presentation of a server's SSL/TLS configuration, underlining that you need not be all l33t H4x0r to uncover a lax security config.

Another option is to use a standalone tool, such as ssldigger — or Mozilla Firefox! SSL ciphers can easily be enabled and disabled through the Firefox advanced configuration. Simply enter "about:config" in the address bar to access all Firefox configuration options. To filter the options for SSL/TLS, input "security" in the filter bar.

Firefox SSL/TLS configuration

All supported SSL/TLS cipher suites are listed and can be enabled or disabled at will.

SSL/TLS negotiates a cipher suite based on the list of supported cipher suites on the client and server. I.e. the client sends a list of supported cipher suites, and the server selects its preferred suite. If no common suite is found, the setup of the connection fails.

To figure out which encryption method has been selected for a particular site, check out "Security" under "Tools" -> "Page info". You can also double click on the padlock, or the green name in the address bar, while visiting a site using HTTPS.

Easy, huh? :)