Extra data in certificates
21 April 2024
After fixing a bug that prevented the proper scan of the cryptographic suites used on a TLS server, it was opportune to add some extra data. There are four new fields available:
dh_groups: The list of Diffie Hellman groups used for key exchange, for instance: "RFC3526/Oakley Group 14".
ecdhe_curves: The list of Elliptic curves used in Diffie Hellman, for instance: "prime256v1"
tls12_sig_algs: The list signature algorithms used in TLS 1.2, for instance: "ECDSA+SHA256"
tls13_sig_algs: The list signature algorithms used in TLS 1.3, for instance: "ECDSA+SHA256"
These new fields are available everywhere, including in queries and the API. This example query will give you an overview of all Oaklye groups used in your certificates:
index=certificates dh_groups=*oakley* by dh_groups
Any group below 14 is considered weak these days.