Best IT Recipes

What software sends the User-Agent "Test Certificate Info"?

Google is surprisingly dumb on this issue.

In my company’s web software error logs, we see several users with an Apache access log entry that has this: ... HTTP / 1.1 "500 -" - "Test certificate information"

I don’t know what part of the software it comes from or why it sends us requests with malformed URLs ... but it would be nice to find out ... and maybe fix it if it opens the source software. :)

(This might be a ServerFault question, but I'm a developer, so I decided I'd first ask here.)

+54
user-agent
Jun 22 2018-10-22T00:
source share
3 answers

My guess is that someone read this and did not change the example code.

+52
Jun 22 '10 at 21:29
source share

It is used in some sample code on the MSDN blog to get SSL certificate information. Thus, basically it can be any C ++ application that canceled the code from there or used it as a basis. Or any other application that, of course, uses the same UA string.

The point in the sample is simply the completion of the SSL handshake so that it can receive certificate information, and it seems to go a lot from NULL to HttpOpenRequest , so the error should be expected and, rather, not significant.

+9
Jun 22 '10 at 21:33
source share

For those of you who do not want your logs to be spammed using this script, you can add the following filteringRules to your web.config file to completely block the user agent:

 <?xml version="1.0" encoding="utf-8"?> <configuration> <system.webServer> <security> <requestFiltering> <filteringRules> <filteringRule name="Block Bad User Agent" scanUrl="false" scanQueryString="false"> <scanHeaders> <add requestHeader="User-Agent" /> </scanHeaders> <denyStrings> <add string="Test Certificate Info" /> </denyStrings> </filteringRule> </filteringRules> </requestFiltering> </security> </system.webServer> </configuration>
0
Feb 06 '19 at 2:59
source share


More articles:


All Articles