We Have Somewhat Explained How 100/100 Scores Are Determined Qualys SSL Server Test Results Can Be Achieved. However, All 100/100 is Not Usable. As you possibly know that, this website is HSTS website and you can run Qualys SSL Server Test against this website itself – you’ll not notice all the scores are 100/100. If you ask, is it impossible to achieve 100/100 on all aspects? The answer will be no. For practical reasons, we avoid it.
Qualys SSL Server Test : How 100/100 Scores Are Determined
As Qualys SSL Server Test is not ran by us and the software suite is not Free Software, the explanation is based on observations, others opinion, trial and errors. There are four points on the test at the time of publication of this article :
- Certificate
- Protocol Support
- Key Exchange
- Cipher Strength
Qualys SSL Server Test : Certificate
Normally for all standard certificates it is 100/100. Even with Overall Rating F, it will be 100/100 unless the certificate is invalid in some way or the other.
Qualys SSL Server Test : Protocol Support
Protocol Support means support of TLS versions, older SSL versions etc. Plus Other Factors. 90 to 95 is quite easy to achieve.
Advertisement---
Qualys SSL Server Test : Key Exchange
Key exchange is usually that Server RSA key, which we usually use of 2048 bits. If you use 4096 bits, score will become 100/100. However, using 4096 bits RSA can have practical problem.
Qualys SSL Server Test : Cipher Strength
The score depends on the Cipher Suite you are using. If you use a tighter cipher suite :
1 | ECDH+AESGCM256:DH+AESGCM256:ECDH+AES256:SH+AES256:RSA+AESGCM256:RSA+AES256:!aNULL:!MD5:!kEDH |
score will become 100/100. But frankly, the website will be unusable. That has been nicely explained :
1 | http://www.roushtech.net/2014/04/01/100-qualys-ssl-test-a/ |
There are many other parameters, we explained in an easy way.
