The Truffle TLS configuration and compliance Scanner is used to gather TLS configuration and compliance information from UBC web sites. It will investigate TLS ciphers and protocols provided by the underlying web service and determine their compliance with UBC Information Security Standards and alignment with Mozilla Server Side TLS standards. This scan includes checks for expired SSL certificates.
This tool has no system, service, or performance impact.
Features and Benefits
Associated IP Addresses and Host Names
| IP | Hostname | Description |
|---|---|---|
| 142.103.89.34 | truffle.cybersecurity.ubc.ca | TLS Scanner – external public IP |
Performed By
- UBC staff, using UBC equipment
Scan Types
- Scheduled Ongoing – this scan is scheduled to run on an ongoing basis
- On Demand
User Credentials
- All scans performed by this service are non-credentialed and operate with the same level of access as a public user
Network Context
Scan Scope
- Specific Web Sites, as requested
- Web sites and services exposed to the internet
Requesting a Scan
Results
- If any issues are found, Truffle will send an email notification to system administrators every 30 days if the issues is not fixed, or sooner if a certificate has expired.
- Email notifications:
- Come from noreply@truffle.svc.ubc.ca
- Detail the found cipher and protocol combinations, compliance with UBC Information Security Standards, and alignment with Mozilla standards
- View sample notification