Nmap Development mailing list archives

Re: Nmap gets confused when SSL cert expiration is far in the future

From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 9 Apr 2015 08:08:41 -0500

Teppo,

Thanks for reporting this. Our date parsing code was looking for a string
length of 14 (the number of digits in ASN.1 GeneralizedTime), but needed to
check for 15 (to include the 'Z' at the end). I fixed this in r34409.

Dan

On Wed, Apr 8, 2015 at 9:07 AM, Teppo Turtiainen <teppot () iki fi> wrote:

Hi,

Nmap seems to get confused when an SSL certificate expiration date is far
in the future:

| Not valid after:  Can't parse; string is "21150314130947Z"

The cert was created automatically by the Cockpit server manager software (
http://cockpit-project.org/).

nmap --version output:

Nmap version 6.47 ( http://nmap.org )
Platform: armv7hl-redhat-linux-gnu
Compiled with: liblua-5.2.2 openssl-1.0.1i libpcre-8.35 libpcap-1.6.2
nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

Thanks,
Teppo Turtiainen


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Nmap gets confused when SSL cert expiration is far in the future Teppo Turtiainen (Apr 09)
- Re: Nmap gets confused when SSL cert expiration is far in the future Daniel Miller (Apr 09)