Closed
Description
Is there any config option to disable SSL verification? It's very common to have invalid/misplaced ssl certificate when trying to reach host via IP (not FQDN). Also it would be very useful when certificates are self-signed.
Jul 11, 2020 3:46:08 PM com.google.tsunami.plugins.detectors.credentials.ncrack.NcrackWeakCredentialDetector isWordPressService
WARNING: Unable to query 'http://<ip-address>/wp-login.php'.
javax.net.ssl.SSLPeerUnverifiedException: Hostname 10.72.101.77 not verified:
certificate: sha256/A1CYziHdbvXQPQyM1htVAP2h7Gv55fP4jfXGQneU7VI=
DN: CN=*.example.com, OU=Example, O=Example, L=City, C=Country
subjectAltNames: [example.com, *.example.com]
Activity