Open xkill opened 8 years ago
Do you mean it doesn't work against the IP or against each independent SNI domain? For it to work against the IP I guess a reverse lookup should be implemented (you can always do it yourself and feed it to ssl-cipher-enum). If it doesn't work against the domain its another story.
Against independent hostnames:
For example, you can have an IP address with several virtual hosts and different SSL configurations for each host by taking advantage of SNI on TLS.
So ssl-cipher-suite-enum always test against the default SSL configuration of the server without checking the TLS ciphers using different hostnames on the SNI.
The actual version does not support SNI: https://es.wikipedia.org/wiki/Server_Name_Indication
So it does not work fine if there are several SSL configurations for different hostnames.