Nmap Development mailing list archives
Re: SSL support in Ncat - confusing server parameters
From: David Fifield <david () bamsoftware com>
Date: Fri, 27 Feb 2009 18:31:34 -0700
On Tue, Feb 17, 2009 at 10:08:37PM -0700, David Fifield wrote:
On Sat, Feb 07, 2009 at 12:06:17PM +0100, Kristof Boeynaems wrote:------------------------------------------------------------------------- 1. Ncat as SSL server - confusing parameters ------------------------------------------------------------------------- The only way I could Ncat get to work as SSL server is by specifying all the SSL parameters, that is, not only --ssh, but also --ssl-key and --ssl-cert. E.g. ./ncat --ssl -l 1111 --ssl-cert /usr/share/doc/libssl-dev/demos/sign/cert.pem --ssl-key /usr/share/doc/libssl-dev/demos/sign/key.pem (Note that I am using a certificate and key that comes with libssl-dev) Now, the fact that the cert and key parameters have to be specified as well, might sound obvious to SSL experts, but I forgot this in first instance, and that returns some obscure errors, depending on the SSL client used to connect to the Ncat server.Maybe we should give instructions for generating a key and certificate, either in the warning message or in the documentation. I used this command to generate files for testing: openssl req -new -x509 -keyout test-key.pem -out test-cert.pem Is that all that's necessary, or should that command be adjusted before being committed to documentation? OpenSSL experts?
I added that command to the SSL section. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- SSL support in Ncat - confusing server parameters and client version issue Kristof Boeynaems (Feb 07)
- Re: SSL support in Ncat - confusing server parameters and client version issue Kristof Boeynaems (Feb 08)
- Re: SSL support in Ncat - confusing server parameters and client version issue Brandon Enright (Feb 08)
- Re: SSL support in Ncat - confusing server parameters and client version issue Kristof Boeynaems (Feb 08)
- Re: SSL support in Ncat - confusing server parameters and client version issue David Fifield (Feb 17)
- Re: SSL support in Ncat - confusing server parameters and client version issue Kristof Boeynaems (Feb 18)
- Re: SSL support in Ncat - client version issue: what do other apps do? David Fifield (Feb 17)
- Re: SSL support in Ncat - client version issue: what do other apps do? Kristof Boeynaems (Feb 17)
- Re: SSL support in Ncat - client version issue: what do other apps do? David Fifield (Feb 18)
- Re: SSL support in Ncat - confusing server parameters and client version issue Brandon Enright (Feb 08)
- Re: SSL support in Ncat - confusing server parameters and client version issue Kristof Boeynaems (Feb 08)
- Re: SSL support in Ncat - confusing server parameters David Fifield (Feb 27)