Idea ID: 2683889

Enhance BBCUTIL to show / test communication security protocols being used

Status : Delivered
over 1 year ago

Enhance Bbcutil to show / test protocols in use by

  1. a) Show the SSL/TLS protocols the target node is actively configured to allow
  2. b) Be able to test a target node using various / recent communications protocols

Currently, there is no easy way to show which TLS/SSL protocols are actually in use on any given node using OA/BBC communications.

You can see what is currently configured (via ovconfget etc.), but this is no guarantee that the agent has been restarted following a configuration change to apply the change.

3rd party tools can be used to check accessibility over different protocols, such as openssl or curl - however, some utilities are not installed by default on some OS's.

This ER is to request OA native functionality to see the configured security attributes (communications protocol - enabled ciphers would be a bonus) using bbcutil -status, and to be able to test / check connections using specified protocols using bbcutil -ping (such as with an additional option like '-protocol tlsv1') – i.e. using OA native commands