Re: how to get sever certificates chain & the bug of scanning port 443

[David Fifield <david () bamsoftware com>]

On Thu, Mar 07, 2013 at 03:45:26PM +0800, Man Hou wrote:
>     I can use ssl-cert.nse to get server certificate, but I want to get
> server certificates chain. Has the foundation of getting certificates chain
> not been developed?

It has not been developed.

>     I run the latest nmap, the verison 6.25, for geting ssl certificate
> info,but I have a problem as follow:
>      for example:
>      1. put the attachment------temp.csv (this is a url list) to the /
>      2.root@ubuntu-server-12:/#nmap -iL temp.csv -PS 443 -p 443 -v  -n
> --script=ssl-cert.nse  --host-timeout 5s
>         Starting Nmap 6.25 ( http://nmap.org ) at 2013-03-05 17:43 CST
>         NSE: Loaded 1 scripts for scanning.
>         NSE: Script Pre-scanning.
>         nmap: TargetGroup.cc:529: int TargetGroup::return_last_host():
> Assertion `currentaddr.s_addr > startaddr.s_addr' failed.
>         Aborted (core dumped)

Thanks for reporting this. This looks like a bug that is already fixed
in our latest Subversion. The error arises because of the address of one
of the hosts in your input list:

$ host rlh.com.cn
rlh.com.cn has address 255.255.255.255

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/