I have checked one of our servers on www.sslabs.com and dev.sslabs.com and both report "This servers does not mitigate the CRIME attack".
If I understand correctly CRIME attack is possible if TLS Compression is turned on. I checked if TLS compression is on with command:
echo | openssl s_client -connect myserver.mydomain.com:443 2>/dev/null | grep -i "Compression"
and it returns:
Is there something else this test is checking? Is there maybe some false positive?
P.S. I can send private message of server name.