testssl.sh/etc/README.md

25 lines
1.1 KiB
Markdown
Raw Normal View History

2016-03-13 20:38:06 +01:00
#### Certification stores
The certificate stores were retrieved by
* Mozilla; see https://curl.haxx.se/docs/caextract.html
2016-03-13 21:10:00 +01:00
* Linux: Just copied from a up-to-date Linux machine
2016-03-13 20:38:06 +01:00
* Microsoft: under Windows >= 7,2008 MS decided not to provide
2016-03-13 21:10:00 +01:00
a full certificate store bu default/via update as other OS.
It's being populated with time -- supposed you use e.g. IE while browsing.
This store was destilled from three different windows installations via
certmgr.msc and is an export of "Trusted Root Certification Authorities"
--> "Certificates". Third Party Root Certificates were for now deliberately
omitted. Feedback is welcome, see #317.
2016-03-13 20:38:06 +01:00
2016-03-13 21:10:00 +01:00
In this directory you can also save e.g. your company Root CA(s) in PEM
format, extension ``pem``. This has two catches momentarily: You will still
get a warning for the other certificate storesthough while scanning internal
networks. If you scan other hosts in the internet the check against your
Root CA will fail, too. This will be fixed in the future, see #230.
2016-03-13 20:38:06 +01:00
#### Mapping file
The file mapping-rfc.txt uses the hexcode to map OpenSSL names
2016-03-13 21:10:00 +01:00
against the RFC/IANA names