To monitor connection over a specific security protocol type, use the https_spt.cs custom script. The script checks the connection over specified security protocols. If the system failed to connect to the target URL using the specified protocols, an error alert is generated.

Custom Script File Arguments*
https_spt.cs “<protocol type>” “<URL>”

Optional: “<keyword>”


Note that Private Agents require an additional parameter.

-ref “netstandard.dll”

The parameter should be executed on a Private Agent before the other parameters:

https_spt.cs -ref “netstandard.dll” “tls1.2” “”

Use the following protocols in the <protocol type> argument:

  • tls
  • tls11
  • tls12
  • tls13

The <protocol type> parameter is not case sensitive.

How to Check that a Web Application Does Not Use a Specific Security Protocol Type

To make sure that a specific security protocol is not supported, add “invert:” to the <protocol type> argument and specify the protocol after the colon. Note that keyword validation is ignored for the “invert” mode. If the connection was established via the specified protocol, the error alert will be generated.

Arguments Examples

Checks if TLS 1.2  is supported. The “dotcom” keyword is used for response validation.
https_spt.cs "tls12" "" "dotcom"

For Private Agent:

https_spt.cs -ref "netstandard.dll" "tls12" "" "dotcom"

Checks if TLS 1.2  is not supported:

https_spt.cs "invert:tls12" ""