warning for SHA1 sig algo and web servers

This commit is contained in:
Dirk 2016-09-05 10:01:46 +02:00
parent 228296e175
commit c00c98caa2
1 changed files with 6 additions and 2 deletions

View File

@ -4206,7 +4206,11 @@ certificate_info() {
out "$indent" ; pr_bold " Signature Algorithm " out "$indent" ; pr_bold " Signature Algorithm "
case $cert_sig_algo in case $cert_sig_algo in
sha1WithRSAEncryption) sha1WithRSAEncryption)
pr_svrty_mediumln "SHA1 with RSA" pr_svrty_medium "SHA1 with RSA"
if [[ "$SERVICE" == HTTP ]]; then
out " -- besides: users will receive a strong browser warning"
fi
outln
fileout "${json_prefix}algorithm" "MEDIUM" "Signature Algorithm: SHA1 with RSA (warning)" fileout "${json_prefix}algorithm" "MEDIUM" "Signature Algorithm: SHA1 with RSA (warning)"
;; ;;
sha224WithRSAEncryption) sha224WithRSAEncryption)
@ -8756,4 +8760,4 @@ fi
exit $? exit $?
# $Id: testssl.sh,v 1.537 2016/09/01 17:09:11 dirkw Exp $ # $Id: testssl.sh,v 1.539 2016/09/05 08:01:45 dirkw Exp $