Failed to parse certificate information

rbsec / sslscan

sslscan tests SSL/TLS enabled services to discover supported cipher suites

GNU General Public License v3.0

2.3k stars 381 forks source link

Failed to parse certificate information #268

Closed NullPointerReference closed 2 years ago

NullPointerReference commented 2 years ago

SSLScan version used: 2.0.13 under Windows 10.

Target host: sso-psd2.raiffeisen.at Error message: Certificate information cannot be retrieved.

Description: No certificate details displayed, probably because the https-call fails, yet the certificates are included in the TLS handshake. SSLScan report for it as a reference: https://www.ssllabs.com/ssltest/analyze.html?d=sso-psd2.raiffeisen.at&hideResults=on

rbsec commented 2 years ago

This seems to be caused by the fact that the SSL_connect() call returns an error - but we don't actually need to successfully connect in order to get the certificate information.

I've implemented what should be a fix in b8d1803 - can you confirm whether that works for you?

NullPointerReference commented 2 years ago

@rbsec Awesome; I compiled master and verified it; it indeed works correctly now; I get the proper certificate info output.