Skip to main content
Druva Documentation

How to run the SSL scan

This article applies to:

  • OS: Windows
  • Product edition: inSync Cloud

Overview

This article describes the procedure to run an SSL scan, which is required to troubleshoot communication issues between the inSync Client device and inSync Cloud.

The sslscan command queries SSL/TLS services to determine the supported ciphers and protocols. For more information, see https://www.mankier.com/1/sslscan.

In addition to ping and telnet, this test is used to isolate the communication issue resulting from the following failures:

  • Backups fail with “Server not reachable.”
  • Backup failure with “SSL/certificate error while validating the cloud server.”
  • SSL terminates the proxy that blocks the connection.

SSL scan

  1.  Download SSLScan from link https://code.google.com/archive/p/ss...-win/downloads.
  2. Unzip the archive.
  3. Open the command prompt and navigate to the extracted openssl folder.
  4. Run the scan command as follows and redirect the output as described below:

    sslscan FQDN:Port > ssl_scan_output.txt

    In the above command:
    - FQDN can be the URL to the cloud
    - Port is the instance level port (443, 6061, 80)
    - ssl_scan_output.txt is the text file to which the command output is directed. Redirect the command output to the following files:

    For inSync :
    sslscan  cloud.druva.com:80 > c:\sslscan.txt
    sslscan  cloud.druva.com:6061 > c:\sslscan.txt
    sslscan  cloud.druva.com:443 > c:\sslscan.txt


    Note: The output of the sslscan includes preferred ciphers of the SSL service and protocols.  To suppress the protocols and ciphers from appearing in the output use the --no-failed option in the command as follows.

    sslscan --no-failed cloud.druva.com:443
    sslscan  cloud.druva.com:443


    Successful output:

    TestSuccessful.png

    Failed output:

    FailedOutput.png
  5. Collect the output text files and send them to Druva Support for further analysis.

Next steps

Whitelist all the traffic from *.druva.com. 

The error generally occurs when a proxy alters the certificate so that the client fails to communicate with the cloud.