From 6966e0d19b389f78c97f55ab3b2318a5cda41e08 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Wed, 11 Sep 2019 17:13:49 +0200
Subject: Added STUN check to avoid false positives Added fingerprint comments
 in SSH/TLS Added netflow test pcap

---
 src/lib/protocols/tls.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'src/lib/protocols/tls.c')

diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 3e0e295c5..5c8e2b18b 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -30,6 +30,19 @@
 
 // #define DEBUG_TLS 1
 
+/*
+  NOTE
+
+  How to view the certificate fingerprint
+  1. Using wireshark save the certificate on certificate.bin file as explained
+     in https://security.stackexchange.com/questions/123851/how-can-i-extract-the-certificate-from-this-pcap-file
+
+  2. openssl x509 -inform der -in certificate.bin -text > certificate.der
+  3. openssl x509 -noout -fingerprint -sha1 -inform pem -in certificate.der
+     SHA1 Fingerprint=15:9A:76....
+
+ */
+
 #define NDPI_MAX_TLS_REQUEST_SIZE 10000
 
 /* skype.c */
-- 
cgit v1.2.3