ssllabs_exporter
ssllabs_exporter copied to clipboard
Published
20 hours ago •
anas-aso
anas-aso
SSLLabs stuck at Renegotiation Test
I found there are a lot (~ 6400 events/day) of error logs from SSLLabs that look like this:
"_source": {
"http_bytes": 0,
"http_method": "GET",
"http_path": "https://domain.tld:443/?SSL_Labs_Renegotiation_Test=User_Agent_May_Not_Show",
"http_protocol": "https",
"http_received_bytes": 138,
"http_status": 400,
"http_time_sec": -1,
"http_uri": "/?SSL_Labs_Renegotiation_Test=User_Agent_May_Not_Show",
"http_useragent": "SSL Labs (https://www.ssllabs.com/about/assessment.html)",
"http_version": "1.0",
"http_x_fwd_for": "x.x.x.x",
"request_creation_time": "2022-03-04T08:59:03.877000Z",
"request_processing_time": -1,
"request_protocol": "HTTP/1.0",
"response_processing_time": -1,
"severity": "info",
"source_type": "aws_s3",
"ssl_cipher": "(NONE)",
"ssl_protocol": "TLSv1.2",
"target_processing_time": -1,
"type": "load_balancer"
}
}
It looks like SSLLab test is sticking at Renegotiation test of TLS v1.0(?). And also SSLLab-exporter container can't pull results either which is expected as the test wasn't finished:
{"level":"error","error":"context deadline exceeded","target":"domain.tld","timestamp":"2022-03-01T22:51:36.554160826Z","msg":"failed to fetch updates"}
{"level":"error","error":"context deadline exceeded","target":"domain.tld","timestamp":"2022-03-01T22:51:36.554213881Z","msg":"assessment failed"}
So the exporter is serving stale results.
