diff --git a/node_app/get_cert_info.js b/node_app/get_cert_info.js index 381a415..0ce4847 100644 --- a/node_app/get_cert_info.js +++ b/node_app/get_cert_info.js @@ -67,7 +67,7 @@ function get_cert_parameters(element, index, array) { if (e.code ==='ECONNREFUSED') { // The connection was refused by the server (ex. 443 not open, not resonding, etc.) - assert(false, 'Connection to '+element+' refused') + assert(false, 'Connection to '+element+' refused'); var parsed = { 'server': element, 'subject': { @@ -88,7 +88,7 @@ function get_cert_parameters(element, index, array) { } else if (e.code ==='ECONNRESET') { // The connection to the server timed out - assert(false, 'Connection to '+element+' timed out') + assert(false, 'Connection to '+element+' timed out'); var parsed = { 'server': element, 'subject': { @@ -106,6 +106,48 @@ function get_cert_parameters(element, index, array) { }; add_cert_details(parsed, iteration); check_iterations(); + } else if (e.reason.startsWith('Host: '+element+'. is not in the cert\'s altnames')) { + // There is a hostname mismatch between the cert and the server + assert(false, element+' had a hostname mismatch'); + var parsed = { + 'server': element, + 'subject': { + 'org': 'Unknown', + 'common_name': 'Unknown', + 'sans': 'Unknown' + }, + 'issuer': { + 'org': 'Unknown', + 'common_name': 'Hostname mismatch' + }, + 'info': { + 'days_left': '??' + } + }; + add_cert_details(parsed, iteration); + check_iterations(); + } else { + var err = e; + // Catchall for all other errors to prevent the script bombing out + assert(false, 'Connection to '+element+' errored out'); + var parsed = { + 'server': element, + 'subject': { + 'org': 'Unknown', + 'common_name': 'Unknown', + 'sans': 'Unknown' + }, + 'issuer': { + 'org': 'Unknown', + 'common_name': '' + }, + 'info': { + 'days_left': '??' + 'common_name': 'Unspecified error' + } + }; + add_cert_details(parsed, iteration); + check_iterations(); } }) diff --git a/web_service/js/tls-dashboard/certificates.js b/web_service/js/tls-dashboard/certificates.js index 01b12c0..067a958 100644 --- a/web_service/js/tls-dashboard/certificates.js +++ b/web_service/js/tls-dashboard/certificates.js @@ -51,39 +51,6 @@ var cert_info = { } }, "4": { - "server": "barnacl.es", - "subject": { - "common_name": "www.barnacl.es", - "sans": "DNS:www.barnacl.es, DNS:barnacl.es" - }, - "issuer": { - "org": "StartCom Ltd.", - "common_name": "StartCom Class 1 DV Server CA" - }, - "info": { - "valid_from": "2016-04-13T20:08:11.000Z", - "valid_to": "2017-04-13T20:08:11.000Z", - "days_left": 324 - } - }, - "5": { - "server": "www.bitbucket.com", - "subject": { - "org": "Atlassian, Inc.", - "common_name": "*.bitbucket.com", - "sans": "DNS:*.bitbucket.com, DNS:bitbucket.com" - }, - "issuer": { - "org": "DigiCert Inc", - "common_name": "DigiCert SHA2 High Assurance Server CA" - }, - "info": { - "valid_from": "2015-04-10T00:00:00.000Z", - "valid_to": "2017-05-10T12:00:00.000Z", - "days_left": 351 - } - }, - "6": { "server": "www.github.com", "subject": { "org": "GitHub, Inc.", @@ -100,7 +67,7 @@ var cert_info = { "days_left": 723 } }, - "7": { + "5": { "server": "example.dev", "subject": { "org": "Unknown", @@ -115,7 +82,7 @@ var cert_info = { "days_left": "??" } }, - "8": { + "6": { "server": "example.dev", "subject": { "org": "Unknown", @@ -130,7 +97,7 @@ var cert_info = { "days_left": "??" } }, - "9": { + "7": { "server": "danger.example.com", "subject": { "common_name": "danger.example.com", @@ -146,7 +113,7 @@ var cert_info = { "days_left": 15 } }, - "10": { + "8": { "server": "warning.example.com", "subject": { "common_name": "warning.example.com", @@ -162,4 +129,19 @@ var cert_info = { "days_left": 40 } }, + "9": { + "server": "mismatch.example.com", + "subject": { + "org": "Unknown", + "common_name": "Unknown", + "sans": "Unknown" + }, + "issuer": { + "org": "Unknown", + "common_name": "Hostname mismatch" + }, + "info": { + "days_left": "??" + } + } } \ No newline at end of file