Skip to content

Adding curve "secp256k1" to SSL configuration causes tracker not to recognize any curves #5990

New issue
New issue
Open
Open
Adding curve "secp256k1" to SSL configuration causes tracker not to recognize any curves#5990
Assignees
h701h
Labels
bugSomething isn't working
@adam2

Description

@adam2
adam2
opened on Dec 12, 2024

Describe the bug
When a domain supports the "secp256k1" curve, the tracker does not report any information about what curves are on the website. It appears to be a bug where if the tracker sees a curve it doesn't know about, the curves section is blank and the domain gets a blue (i) icon instead of a green or red checkmark.

To Reproduce
Steps to reproduce the behavior:

  1. Configure a domain that supports the secp256k1 curve. For Apache running on RedHat Linux, this configuration line will work:
    SSLOpenSSLConfCmd Curves prime256v1:secp256k1:secp384r1:secp521r1
  2. Request a rescan of the domain on the tracker.
  3. Wait until the rescan is complete.
  4. View the results for the domain.
  5. Notice that the Curves information is missing and that the domain now has a blue (i) icon instead of a pass/fail.

Expected behavior
The tracker should list which of the curves are strong, weak, or unknown.

Desktop (please complete the following information):

  • OS: Windows 10 Enterprise
  • Browser Edge
  • Version 131.0.2903.86

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions