« Fixing an IIS7/isapi_redirect/Tomcat "Service Unavailable" Issue | Main | Apache Tomcat Connectors 1.2.33 Released »


CryptoNark 0.4.7 Released

This is the first new release in about 8 months and this version adds one new feature and one bug fix; both involving certificate and host name validation.

Previous versions of CryptoNark, when run with the --insecure switch, would exit if the host name scanned did not match the common name or subject alternative name bound to the certificate. This made it hard to do things like scan an IP address or scan a single host in a farm of servers to see what ciphers were enabled (or if cipher remediation steps were successful). Now, when the --insecure argument is given, cryptonark will not perform any host name or certificate validation at all, (but it will still perform a cipher scan).

New in this version is a cosmetic change. Previous versions of cryptonark would perform certificate and host name validation but would only output the common name of the certificate. This version now outputs the common name and any subject alternative names that are bound to the certificate.

The main cryptonark page has been updated to reflect this change history and you can download a copy from the Techstacks Downloads page. Thanks again for everyone who has given this tool a try! Please let me know of any issues by sending me a mail at techstacks [at] gmail [dot] com or via twitter @techstacks.



TrackBack URL for this entry:

Listed below are links to weblogs that reference CryptoNark 0.4.7 Released: