To monitor connection over a specific security protocol type, use the Https_spt.cs custom script. The script checks the connection over specified security protocols. If the system failed to connect to the target URL using the specified protocols, an error alert is generated.

Custom Script File Arguments*
Https_spt.cs “<protocol type>” “<URL>”

Optional: “<keyword>”


Use the following protocols in the <protocol type> argument:

  • ssl3
  • tls
  • tls11
  • tls12
  • any combination of the above-listed types

The <protocol type> parameter is not case sensitive.

How to Check that a Web Application Does Not Use a Specific Security Protocol Type

To make sure that a specific security protocol is not supported, add “invert:” to the <protocol type> argument and specify the protocol after the colon. Note that keyword validation is ignored for the “invert” mode. If the connection was established via the specified protocol, the error alert will be generated.

Arguments Examples

Checks if SSL3 is supported. The “dotcom” keyword is used for response validation.
Https_spt.cs "ssl3" "" "dotcom"

Checks if SSL3 is not supported:

Https_spt.cs "invert:ssl3" ""

Checks if SSL3 or TLS or TLS11 are supported. Keyword validation is not used:

Https_spt.cs "ssl3|tls|tls11" "" "dotcom"