This has been a project that has taken WAY to long to complete not because it was difficult but because I was just busy. But now it’s a priority to get it done as I need to consume SkypeValidator.com API’s in a MUCH more friendly process. So today I’m excited to announce version 2.0 of the SkypeValidator API’s.
What can you do with them? There are currently seven exposed API’s for you to access and use. So let’s go through them:
HTTP Method | Endpoint | Function |
GET | /CheckCertificate | Validate state of certificate. Thanks to DigiCert for powering this tool. |
GET | /CheckDNSARecord | Check DNS A Record returns expected value |
GET | /CheckDNSSrvRecord | Check DNS SRV Record returns expected value |
GET | /CheckOwas | Check Office Web App Server returns expected value |
GET | /CheckPing | Check if you can ping server with return time |
GET | /CheckPort | Check is TCP or UDP port is open |
GET | /CheckSSLCipher | Check what SSL Ciphers are open for an address |
So I’m in the process of documenting each of these but let’s review the SSL Cipher Check as an example. So our available methods is a GET command and we would issue that against https://gcmsdk.azurewebsites.net/CheckSSLCipher/{guid}/{fqdn}/{port}
As you can see, there are three query string parameters for this command.
GUID: is a string value that is your API Key. How do you get one, just e-mail me (richard -at- masteringlync.com). The only reason I have the API key is so I know who is hitting the server. There are no plans to charge for this but since it’s hosted in Azure and processing/network can cost money if you decide to make 1 billion requests in a month we might need to chat.
FQDN: should make sense. It’s the FQDN.
PORT: what port are we checking on.
We can issue this via a curl command if we wanted to or via anything that can run a get command. Our return value then is something like this:
--url 'https://gcmsdk.azurewebsites.net/CheckSSLCipher/{guid}/sipdir.online.lync.com/443'
--include</code></pre>
OR
Powershell> Invoke-RestMethod -Url https://gcmsdk.azurewebsites.net/CheckSSLCipher/{guid}/sipdir.online.lync.com/443
And that would return:
{
"FQDN":"sipdir.online.lync.com",
"Port":443,
"CipherSuite":"SSL 2.0",
"CipherAlgorithm":"N/A",
"Result":"Disabled"
},
{
"FQDN":"sipdir.online.lync.com",
"Port":443,
"CipherSuite":"SSL 3.0",
"CipherAlgorithm":"N/A",
"Result":"Disabled"
},
{
"FQDN":"sipdir.online.lync.com",
"Port":443,
"CipherSuite":"TLS 1.0",
"CipherAlgorithm":"Aes256",
"Result":"Enabled"
},
{
"FQDN":"sipdir.online.lync.com",
"Port":443,
"CipherSuite":"TLS 1.1",
"CipherAlgorithm":"Aes256",
"Result":"Enabled"
},
{
"FQDN":"sipdir.online.lync.com",
"Port":443,
"CipherSuite":"TLS 1.1",
"CipherAlgorithm":"Aes256",
"Result":"Enabled"
}
]
And there you have it. We can see that Microsoft is supporting TLS 1.0, 1.1 and 1.2 on their Edge Servers. Which makes sense as they have announced they will be disabling TLS 1.0 at the end of October.
1 COMMENTS