From 5293c51bc48e9309a352bce4c4d641e091cfa889 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20K=C3=A4hn?= Date: Thu, 4 May 2017 11:09:27 +0200 Subject: [PATCH] Alert on missing SANs --- testssl.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/testssl.sh b/testssl.sh index 9a4b4ee..5a062a1 100755 --- a/testssl.sh +++ b/testssl.sh @@ -5761,10 +5761,9 @@ certificate_info() { pr_italic "$(out_row_aligned_max_width "$all_san" "$indent " $TERM_WIDTH)" fileout "${json_prefix}san" "INFO" "subjectAltName (SAN) : $all_san" else - out "-- " - fileout "${json_prefix}san" "INFO" "subjectAltName (SAN) : --" + prln_svrty_high "missing (NOT ok)" + fileout "${json_prefix}san" "HIGH" "subjectAltName (SAN) : --" fi - outln out "$indent"; pr_bold " Issuer " #FIXME: oid would be better maybe (see above) issuer="$($OPENSSL x509 -in $HOSTCERT -noout -issuer -nameopt multiline,-align,sname,-esc_msb,utf8,-space_eq 2>>$ERRFILE)"