Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2024-12-29 04:49:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
e4a08b3ed5
testssl.sh/doc
History
Dirk Wetter e92b7326bc Extra warning for certificates >= 5yrs, italics handling for BSDs 
This PR fixes #803 and emit an extra warning if the certificate
has a lifetime longer or equal of five years which happens often
on appliances with self signed certificates. (CAs do not offer
such a long certificate lifetime.) This was tested under Linux,
FreeBSD and OpenBSD. On the latter however we only check the
years as opposed to other OS where we have a finer granularity
(seconds).

On the screen there's only an output if the lifetime is too long,
using JSON or CSV formats, it is always displayed (ID: cert_validityPeriod).

Also this PR changes the ID cert_expiration_status to cert_expirationStatus.

Older FreeBSD and OpenBSD can't deal with italics characters but it output
the escape codes which could result in a different markup. This PR detects
such OS and just doesn't dsiplay the escape sequence.

Also the manpage is reflecting the change and has updates in the server
defaults and standard cipher checks section.
2019-04-09 11:46:53 +02:00
..
testssl.1 Extra warning for certificates >= 5yrs, italics handling for BSDs 2019-04-09 11:46:53 +02:00
testssl.1.html Extra warning for certificates >= 5yrs, italics handling for BSDs 2019-04-09 11:46:53 +02:00
testssl.1.md Extra warning for certificates >= 5yrs, italics handling for BSDs 2019-04-09 11:46:53 +02:00