httpx icon indicating copy to clipboard operation
httpx copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

x509: invalid RDNSequence: invalid attribute value: invalid PrintableString

Open rony0724 opened this issue 2 years ago • 2 comments 

echo https://34.107.18.135:443 | httpx -probe -v

    __    __  __       _  __
   / /_  / /_/ /_____ | |/ /
  / __ \/ __/ __/ __ \|   /
 / / / / /_/ /_/ /_/ /   |
/_/ /_/\__/\__/ .___/_/|_|
             /_/

		projectdiscovery.io

[INF] Current httpx version v1.3.0 (latest)
[DBG] Failed 'https://34.107.18.135:443': GET https://34.107.18.135:443 giving up after 1 attempts: Get "https://34.107.18.135:443": tls: failed to parse certificate from server: x509: invalid RDNSequence: invalid attribute value: invalid PrintableString

curl https://34.107.18.135 -k -v
*   Trying 34.107.18.135:443...
* Connected to 34.107.18.135 (34.107.18.135) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: C=US; ST=New York; O=Symantec Corporation; [email protected]; CN=itechscout.prod.fire.glass; OU=Web Isolation
*  start date: Aug  7 23:31:07 2022 GMT
*  expire date: Aug  7 23:31:07 2023 GMT
*  issuer: CN=itechscout.prod.fire.glass; C=US; ST=New York; O=Symantec Corporation; OU=Web Isolation; [email protected]
*  SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
> GET / HTTP/1.1
> Host: 34.107.18.135
> User-Agent: curl/7.86.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
< Date: Fri, 28 Apr 2023 14:15:25 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 139
< Connection: keep-alive
< Content-Security-Policy: default-src 'none'
< X-Content-Type-Options: nosniff
< Vary: Accept-Encoding
< 
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>
* Connection #0 to host 34.107.18.135 left intact

rony0724 avatar Apr 08 '23 09:04 rony0724

@rony0724 thanks for reporting this, this issue will be fixed in https://github.com/projectdiscovery/tlsx/issues/232 and indirectly in httpx as well.

ehsandeep avatar Apr 08 '23 12:04 ehsandeep

we are using retryablehttp-go which use system library. we are not using tlsx for ssl/tls connection

ShubhamRasal avatar May 01 '23 17:05 ShubhamRasal

Now works with -ztls option in latest release.

echo https://34.107.18.135:443 | ./httpx -probe  -ztls

    __    __  __       _  __
   / /_  / /_/ /_____ | |/ /
  / __ \/ __/ __/ __ \|   /
 / / / / /_/ /_/ /_/ /   |
/_/ /_/\__/\__/ .___/_/|_|
             /_/

		projectdiscovery.io

[INF] Current httpx version v1.3.1 (latest)
https://34.107.18.135 [SUCCESS]

ehsandeep avatar May 09 '23 21:05 ehsandeep