`routines:tls12_check_peer_sigalg:wrong curve` when scanning `serviceportal.schleswig-holstein.de`
muffl0n opened this issue · comments
Describe the bug
Scan for serviceportal.schleswig-holstein.de
fails:
* Error when running --elliptic_curves:
You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:
* SSLyze version: 5.0.5
* Server: serviceportal.schleswig-holstein.de:443 - HTTP proxy at 127.0.0.1:8888
* Scan command: elliptic_curves
Traceback (most recent call last):
File "/usr/local/Cellar/sslyze/5.0.5_1/libexec/lib/python3.10/site-packages/sslyze/scanner/_mass_scanner.py", line 267, in _generate_result_for_completed_server_scan
scan_cmd_result = plugin_implementation_cls.result_for_completed_scan_jobs(
File "/usr/local/Cellar/sslyze/5.0.5_1/libexec/lib/python3.10/site-packages/sslyze/plugins/elliptic_curves_plugin.py", line 169, in result_for_completed_scan_jobs
all_ecdh_results = [scan_job.get_result() for scan_job in scan_job_results]
File "/usr/local/Cellar/sslyze/5.0.5_1/libexec/lib/python3.10/site-packages/sslyze/plugins/elliptic_curves_plugin.py", line 169, in <listcomp>
all_ecdh_results = [scan_job.get_result() for scan_job in scan_job_results]
File "/usr/local/Cellar/sslyze/5.0.5_1/libexec/lib/python3.10/site-packages/sslyze/plugins/plugin_base.py", line 61, in get_result
raise self._exception
File "/usr/local/Cellar/sslyze/5.0.5_1/libexec/lib/python3.10/site-packages/sslyze/scanner/_jobs_worker_thread.py", line 50, in run
return_value = job_to_complete.function_to_call(*job_to_complete.function_arguments)
File "/usr/local/Cellar/sslyze/5.0.5_1/libexec/lib/python3.10/site-packages/sslyze/plugins/elliptic_curves_plugin.py", line 213, in _test_curve
ssl_connection.connect()
File "/usr/local/Cellar/sslyze/5.0.5_1/libexec/lib/python3.10/site-packages/sslyze/connection_helpers/tls_connection.py", line 294, in connect
self.ssl_client.do_handshake()
File "/usr/local/Cellar/sslyze/5.0.5_1/libexec/lib/python3.10/site-packages/nassl/ssl_client.py", line 182, in do_handshake
self._ssl.do_handshake()
nassl._nassl.OpenSSLError: error:1414D17A:SSL routines:tls12_check_peer_sigalg:wrong curve
To Reproduce
Steps to reproduce the behavior:
- Install SSLyze using homebrew
- Run the following command
sslyze serviceportal.schleswig-holstein.de
- See error
Expected behavior
no error
Python environment (please complete the following information):
- OS: macOS Big Sur (11.6.8)
- Python version: 3.10
Fix released as part of v5.0.6.