Policy NVT to detect wildcard certificates

Dear all,
In a big company with a wide range of web sites/services, it is forbidden to use wildcard certificates.
But for some sites wildcard certificates are still present, and for some new sites this also happens.
The main idea is to create a NASL script (Policy) to detect such violations.
Maybe someone has experience in creating such a NASL script or can point me in the right direction?


I would run a discovery scan, and then check the certificates for wildcard CN="*."; that is already supported and much easier and faster than parsing every certificate.


Yep… I understand, but in any case I need an NVT and I need to have this info in reports.
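
The wildcard check discussed in this thread, as an added Python example (not written by any poster and not a NASL script or NVT): it flags wildcard names per endpoint so they can be listed in a report. It goes beyond the CN check by also reading subjectAltName DNS entries. Assumptions: each certificate is given in the dict form that Python's `ssl.SSLSocket.getpeercert()` returns on a validated connection, and the hosts in `SAMPLE` are constructed.

```python
# Added example: flag wildcard names in certificate metadata.
# Assumed input shape: the dict returned by ssl.SSLSocket.getpeercert()
# on a validated connection. SAMPLE below is constructed data.

def wildcard_names(cert):
    """Return sorted wildcard DNS names found in the subject CN or the SAN."""
    names = set()
    # "subject" is a tuple of RDNs; each RDN is a tuple of (key, value) pairs.
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                names.add(value.lower())
    # "subjectAltName" is a tuple of (type, value) pairs.
    for kind, value in cert.get("subjectAltName", ()):
        if kind == "DNS":
            names.add(value.lower())
    # A wildcard sits in the left-most label: "*.example.com", "w*.example.com".
    return sorted(n for n in names if "*" in n.split(".")[0])

def policy_report(inventory):
    """Map each endpoint to its wildcard names; compliant endpoints are omitted."""
    report = {}
    for endpoint, cert in inventory.items():
        hits = wildcard_names(cert)
        if hits:
            report[endpoint] = hits
    return report

# Constructed sample inventory (hypothetical hosts, not real scan output).
SAMPLE = {
    "shop.example.com:443": {
        "subject": ((("commonName", "*.example.com"),),),
        "subjectAltName": (("DNS", "*.example.com"), ("DNS", "example.com")),
    },
    "api.example.com:443": {
        # CN is a plain host name; the wildcard appears only in the SAN.
        "subject": ((("commonName", "api.example.com"),),),
        "subjectAltName": (("DNS", "api.example.com"),
                           ("DNS", "*.internal.example.com")),
    },
    "www.example.com:443": {
        "subject": ((("commonName", "www.example.com"),),),
        "subjectAltName": (("DNS", "www.example.com"),),
    },
}

if __name__ == "__main__":
    for endpoint, names in policy_report(SAMPLE).items():
        print(f"VIOLATION {endpoint}: wildcard names {', '.join(names)}")
```

The second sample endpoint would pass a CN-only check, because its wildcard appears only in the SAN.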