picture of tbs certificates
picture of tbs certificates
Our products range

SSL/TLS scanning tools

It might be useful to test your certificate installation. That's why we provide this list. We cannot guaranty that non-TBS software will work efficiently.

External server scannaing tools

Those tools require the website or service to be available via the Internet.


CoPiBot is our SSL/TLS certificate diagnostic tool, accessible on your certificate's status page, button "Test your install" or on its dedicated page.

Qualys SSL Labs

Qualys SSL Labs provides a SSL test allowing you to check your certificate installation and your server's SSL/TLS security.

Internal server scanning tools

Those tools might be used on your local network to check if a certificate is correctly installed. This can be especially useful when your server is not available outside your network (intranet, security, etc).


You can simply check your certificate install with Openssl(TBS Documentation). To do so, edit and run the following command:

$ openssl s_client -connect HOSTNAME:PORT -prexit -showcerts -state
  -status -tlsextdebug -verify 10

Open is easily installable via your package/port manager if you are running a Linux/BSD/Unix OS. On Windows, please refer to our Specific Documentation.


You can also use Nmap to detect the ciphers supported on your server. Be careful as the script can be resource costly for your connection.

nmap --script ssl-enum-ciphers -p PORT HOSTNAME


You can use the gnutls-cli too from GnuTLS You can use the gnutls-cli too from GnuTLSto check your certificate's installation and some SSL/TLS configuration information on your server. An official windows executable is provided by GNUTLS. If you wish to use it, please make sure that it is in Windows' PATH environment variable.

  gnutls-cli --insecure --port PORT --print-cert --verbose HOSTNAME
  gnutls-cli-debug --port PORT --verbose HOSTNAME


You can also use the Openssl wrapper, sslscan (website) or its most active fork .

A Windows port also exists, but its development seems halted.

sslscan --no-failed HOSTNAME

You can also use the Openssl-based script, This script allows you to check certification chains, ciphers, protocols, and common vulnerabilities.

This script requires an Unix/Posix operating system with bash and openssl, such as Linux, BSD, Mac OSX, Cygwin (Linux compatibility layer for Windows).

/chemin/vers/ HOSTNAME


Ssleuth (Download page) is an addon for the Mozilla Firefox browser that displays information on the certificate and the established TLS connection.

Since Firefox version 57 (Quantum), the SSLEuth addon is not working anymore. A migration effort toward a newly released API is currently ongoing.

Browser scanning tools

When you are make compatibility checks, it might be useful to check your browsers security.


Qualy SSL Labs provides a test allowing you to check your browser's SSL/TLS security.


The DCSEC research group from Hannover's Leibniz University provides a test allowing you to evaluate your browser's cipher compatibility.


A few security tests are provided by Hanno Böck.