Re: SSL Discovery

[Patrik Karlsson <patrik () cqure net>]

Jim,

This patch may or may not do what you are looking for.
In order to get the chain and dates you should run the ssl-cert script in
verbose mode like this:
nmap -v -p 443 <host> --script ssl-cert

The XML results should not be affected by the verbosity level and should
always contain the information you are looking for.

-Patrik


On Thu, Oct 3, 2013 at 2:38 PM, Carlberg Jr.,William J. <
William.Carlberg () cna com> wrote:

> Hi, are there any plans to add the full SLL chain to the discovery process
> when using nmap to scan a network for SSL certificates. We really like the
> ability to determine when certs were created and when they will expire. We
> would like that feature for the complete SSL chain.
>
>
> Thanks
>
> Jim Carlberg
> 312-822-6790
>
>
>
>
>
> NOTICE:  This e-mail message, including any attachments and appended
> messages, is for the sole use of the intended recipients and may contain
> confidential and legally privileged information.
> If you are not the intended recipient, any review, dissemination,
> distribution, copying, storage or other use of all or any portion of this
> message is strictly prohibited.
> If you received this message in error, please immediately notify the
> sender by reply e-mail and delete this message in its entirety.
> _______________________________________________
> Sent through the dev mailing list
> http://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/



-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
http://www.linkedin.com/in/nevdull77

Attachment: sslverify.patch
Description:

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/