Policy NVT to detect wildcard certificates

vosytniazhskyi · June 16, 2020, 12:05pm

Dear all.
In some big company with wide range WEB sites/services forbiden to use wildcard certificates.
But for some sites wildcard certificates still present, and for some new site such also happen.
Main idea is to create nasl script (Policy) to detect such violation.
Mayby someone have experiance in creating such nasl script or can point me right direction?

WBR
Vasyl

Lukas · June 16, 2020, 2:15pm

I would run a discovery scan, and then check the certificates for wildcard CN="*." that is already supported and much easier and faster the parsing every certificate.

vosytniazhskyi · June 17, 2020, 1:39pm

yep… I understand. but in any case I need NVT and I need to have this info in reports.

Vasyl