Open jschlyter opened 10 years ago
OpenSSL examples
openssl s_client -connect www.google.se:443
openssl s_client -servername www.google.se -connect www.google.se:443
openssl s_client -servername www.google.dk -connect www.google.se:443
openssl s_client -servername www.google.xx -connect www.google.se:443
sslyze examples
python sslyze.py --certinfo=full --regular --sni=www.google.se www.google.se:443
python sslyze.py --certinfo=full --regular --sni=www.google.dk www.google.se:443
python sslyze.py --certinfo=full --regular --sni=www.google.xx www.google.se:443
Fix for SNI checked into https://github.com/kirei/sslyze/commit/a6d82efb1cd3f7f0e4236467fadd0dd1edd6b06d
The behaviour in sslyze imho now matches the behaviour in openssl.
Even more fixed: https://github.com/kirei/sslyze/commit/5a4c12edde37a0d602c6f1bcfbfb14ccb47bd856
Now hostname validation fails for the google.xx example with SNI-enabled.
Another example that shows SAN-match:
python sslyze.py --certinfo=basic --sni=youtube.com www.google.se:443
SNI should work better.