Need to be able to skip SSL Verification #114
Comments
|
@mr-tomr At the moment there is no code that supports self-signed certificates (i.e. don't verify certificates of SSL) Can you provide a patch to support it? |
|
fixed in latest release: https://github.com/OWASP/OFFAT/releases |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Option -s , enables SSL verification and is on by default.
Testing within environments where there are self signed certs, is causing the tool to fail.
Debian (Kali) Certificate for this server is in ca-certificates folder and added. Error message is as follows, server name changed, etc.
[16:49:44] INFO Checking whether host example.com:443 is available tester_utils.py:41
ERROR Unable to connect to host example.com:443 due to error: SSLCertVerificationError(1, tester_utils.py:49
'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate
chain (_ssl.c:1006)')
ERROR Stopping tests due to unavailibility of host: example.com:443
Also, it appears your error message has the incorrect spelling of unavailability. :)
The text was updated successfully, but these errors were encountered: