nabla-c0d3
diff --git a/‎.github/workflows/scan_apache2_server.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/scan_apache2_server.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/scan_iis_server.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/scan_iis_server.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/scan_nginx_server.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/scan_nginx_server.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/test_module_setup.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/test_module_setup.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎README.md‎
Lines changed: 15 additions & 2 deletions b/‎README.md‎
Lines changed: 15 additions & 2 deletions
diff --git a/‎custom_tls_config_example.json‎
Lines changed: 59 additions & 0 deletions b/‎custom_tls_config_example.json‎
Lines changed: 59 additions & 0 deletions
diff --git a/‎docs/available-scan-commands.rst‎
Lines changed: 1 addition & 1 deletion b/‎docs/available-scan-commands.rst‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/documentation/.buildinfo‎
Lines changed: 1 addition & 1 deletion b/‎docs/documentation/.buildinfo‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/documentation/_static/basic.css‎
Lines changed: 0 additions & 8 deletions b/‎docs/documentation/_static/basic.css‎
Lines changed: 0 additions & 8 deletions
diff --git a/‎docs/documentation/_static/documentation_options.js‎
Lines changed: 1 addition & 1 deletion b/‎docs/documentation/_static/documentation_options.js‎
Lines changed: 1 addition & 1 deletion
@@ -34,7 +34,7 @@ jobs:
           python -m pip install --upgrade pip setuptools
 
       - name: Install SSLyze
-        run: python setup.py install
+        run: python -m pip install -e .
 
       - name: Scan web server
         run: python tests/web_servers/scan_localhost.py apache2
@@ -32,7 +32,7 @@ jobs:
           python -m pip install --upgrade pip setuptools
 
       - name: Install SSLyze
-        run: python setup.py install
+        run: python -m pip install -e .
 
       - name: Scan web server
         run: python tests/web_servers/scan_localhost.py iis
@@ -31,7 +31,7 @@ jobs:
           python -m pip install --upgrade pip setuptools
 
       - name: Install SSLyze
-        run: python setup.py install
+        run: python -m pip install -e .
 
       - name: Scan web server
         run: python tests/web_servers/scan_localhost.py nginx
@@ -24,6 +24,6 @@ jobs:
 
     - name: Test SSLyze module setup
       run: |
-        python setup.py install
+        python -m pip install -e .
         cd docs  # Switch folder to avoid conflicts between ./sslyze and the installed sslyze module
         python ../api_sample.py
@@ -18,7 +18,7 @@ Key features
 * Focus on speed and reliability: SSLyze is a battle-tested tool that is used to reliably scan **hundreds of thousands**
 of servers every day.
 * Easy to operationalize: SSLyze can be directly run from CI/CD, in order to continuously check a server against 
-Mozilla's recommended TLS configuration.
+Mozilla's recommended TLS configurations.
 * Fully documented [Python API](https://nabla-c0d3.github.io/sslyze/documentation/) to run scans directly from any
 Python application, such as a function deployed to AWS Lambda.
 * Support for scanning non-HTTP servers including SMTP, XMPP, LDAP, POP, IMAP, RDP, Postgres and FTP servers.
@@ -82,7 +82,20 @@ mozilla.com:443: FAILED - Not compliant.
     * ciphers: Cipher suites {'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'} are supported, but should be rejected.
 ```
 
-This can be used to easily run an SSLyze scan as a CI/CD step.
+Alternatively, you can check against your own custom TLS configuration by providing a JSON file that follows Mozilla's TLS configuration format:
+
+```
+$ python -m sslyze --custom_tls_config custom_tls_config_example.json mozilla.com
+```
+```
+Checking results against custom TLS configuration.
+
+mozilla.com:443: OK - Compliant.
+```
+
+See `custom_tls_config_example.json` for an example a custom TLS configuration that can be used by SSLyze.
+
+**This functionality can be used to easily run an SSLyze scan as a CI/CD step in order to ensure TLS compliance.**
 
 Development environment
 -----------------------
 
@@ -0,0 +1,59 @@
+{
+    "tls_versions": ["TLSv1.2", "TLSv1.3"],
+    "certificate_types": ["ecdsa", "rsa"],
+    "certificate_curves": ["prime256v1", "secp384r1"],
+    "certificate_signatures": [
+        "ecdsa-with-SHA256",
+        "ecdsa-with-SHA384", 
+        "sha256WithRSAEncryption",
+        "sha384WithRSAEncryption"
+    ],
+    "ciphersuites": [
+        "TLS_AES_256_GCM_SHA384",
+        "TLS_CHACHA20_POLY1305_SHA256",
+        "TLS_AES_128_GCM_SHA256"
+    ],
+    "ciphers": {
+        "caddy": [
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+            "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
+        ],
+        "go": [
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
+            "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305"
+        ],
+        "iana": [
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+            "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
+        ],
+        "openssl": [
+            "ECDHE-ECDSA-AES256-GCM-SHA384",
+            "ECDHE-RSA-AES256-GCM-SHA384",
+            "ECDHE-ECDSA-AES128-GCM-SHA256",
+            "ECDHE-RSA-AES128-GCM-SHA256",
+            "ECDHE-ECDSA-CHACHA20-POLY1305",
+            "ECDHE-RSA-CHACHA20-POLY1305"
+        ]
+    },
+    "tls_curves": ["X25519", "prime256v1", "secp384r1"],
+    "rsa_key_size": 2048,
+    "dh_param_size": 2048,
+    "ecdh_param_size": 256,
+    "hsts_min_age": 31536000,
+    "maximum_certificate_lifespan": 90,
+    "recommended_certificate_lifespan": 90,
+    "ocsp_staple": true,
+    "server_preferred_order": false
+}
@@ -163,7 +163,7 @@ Result class
 Insecure Renegotiation
 **********************
 
-**ScanCommand.SESSION_RENEGOTIATION**: Test a server for for insecure TLS renegotiation and client-initiated renegotiation.
+**ScanCommand.SESSION_RENEGOTIATION**: Test a server for insecure TLS renegotiation and client-initiated renegotiation.
 
 Result class
 ============
 
@@ -1,4 +1,4 @@
 # Sphinx build info version 1
 # This file records the configuration used when building these files. When it is not found, a full rebuild will be done.
-config: 094768c3cd394a7960733fba4a2e0033
+config: 23b7099385a204804e49af6cf47f195f
 tags: 645f666f9bcd5a90fca523b33c5a78b7
@@ -741,14 +741,6 @@ abbr, acronym {
     cursor: help;
 }
 
-.translated {
-    background-color: rgba(207, 255, 207, 0.2)
-}
-
-.untranslated {
-    background-color: rgba(255, 207, 207, 0.2)
-}
-
 /* -- code displays --------------------------------------------------------- */
 
 pre {
 
@@ -1,5 +1,5 @@
 const DOCUMENTATION_OPTIONS = {
-    VERSION: '6.1.0',
+    VERSION: '6.2.0',
     LANGUAGE: 'en',
     COLLAPSE_INDEX: false,
     BUILDER: 'html',