SSL/TLS Grade
Qualys SSL Labs's grade for any HTTPS site — TLS version support, cipher suite assessment, certificate chain audit. Cached scans return instantly; fresh scans take ~60-90s.
Why this exists
SSL Labs is the canonical TLS-quality measurement for the public-facing web. It catches weak ciphers, expired certs, missing chain intermediates, downgrade attacks. For vendor-risk checking, it's a one-page summary you can drop in a deal memo. Pair with HTTP Headers Audit for the application-layer security view.
Frequently asked questions
What does SSL/TLS Grade test?
Qualys SSL Labs's comprehensive TLS server test — TLS version support, cipher suite quality, certificate chain validation, perfect forward secrecy, vulnerability checks (Heartbleed, POODLE, etc.). Returns the canonical A+ through F grade per endpoint.
What's the cached vs. fresh-scan tradeoff?
Cached returns SSL Labs's most recent scan if available (usually <24h old) — instant. Fresh kicks off a new assessment, takes 60-90s upstream, and the page polls every 10s until READY. Use cached for quick checks, fresh when verifying a recent cert change or post-remediation.
Is SSL Labs the canonical TLS test?
Yes for public-facing internet servers — Qualys SSL Labs is the de-facto industry standard. The grade methodology is open and updates yearly. SSL Server Test is what every vendor security questionnaire references when asking 'what's your SSL Labs grade?'