search

mozilla / tls-observatory

An observatory for TLS configurations, X509 certificates, and more.
Mozilla Public License 2.0
534 stars 88 forks source link

Scan API doesn't return results #414

Closed ahmetgunes closed 3 years ago

ahmetgunes commented 3 years ago

Hi, sorry if I'm breaking the contribution guidelines but I couldn't find the correct way. I'm having problems with the TLS Observatory Public API.

The problem

My issue is that when using the TLS Observatory Public API for the Results endpoint never gets completed. This can also be observed from the Web UI

The issue started to appear around 10.12.2020

To reproduce

curl --location --request POST 'https://tls-observatory.services.mozilla.com/api/v1/scan?target=google.de&rescan=true'
## Retrieve the scan id from the result
curl --location --request GET 'https://tls-observatory.services.mozilla.com/api/v1/results?id=SCAN_ID'

The complete_percentage parameter in the response of Results request is always empty.

Sample Response

{
    "id": 41725109,
    "timestamp": "2020-12-15T13:35:56.387536Z",
    "target": "google.de",
    "replay": -1,
    "has_tls": false,
    "cert_id": -1,
    "trust_id": -1,
    "is_valid": false,
    "completion_perc": 0,
    "connection_info": {
        "scanIP": "",
        "serverside": false,
        "ciphersuite": null,
        "curvesFallback": false
    },
    "ack": false,
    "attempts": 0,
    "analysis_params": {}
}

Please let me know if I can provide anything else.

Thank you in advance.

gene1wood commented 3 years ago

This was also reported in mozilla/http-observatory#441

g-k commented 3 years ago

The truststores were out of date and the scanners were dying.

Fixed with #417 and #418.