What software is sending User-Agent "Test Certificate Info"?

tags:

user-agent

views:

answers:

+2 Q:

What software is sending User-Agent "Test Certificate Info"?

Google is surprisingly mute on this issue.

In my company's web software error logs, we're seeing multiple individuals with an Apache access log entry that has this in it: ... HTTP/1.1" 500 - "-" "Test Certificate Info"

I have no clue what piece of software this comes from or why it's sending us requests with malformed URLs... but it'd be nice to find out... and perhaps to correct it if it's open source software. :)

(This might be a ServerFault question, but I'm a developer so I figured I'd ask here first.)

+2 A:

My guess someone read this and didn't end up changing the example code.

Andrew Song 2010-06-22 21:29:16

So far, that's our guess too.

Ein2015 2010-06-22 21:34:38

+1 for cargo cult programming

BlueRaja - Danny Pflughoeft 2010-06-22 22:09:25

+1 A:

It's used in some sample code on an MSDN blog for getting SSL cert info. So basically it could be any C++ app which has lifted the code from there, or used that as a basis. Or any other app which happens to use the same UA string, of course.

The point in the sample is just to complete the SSL handshake so it can get certificate info, and it seems to pass in an awful lot of NULLs to HttpOpenRequest, so the error is to be expected and rather inconsequential.

Chris Smith 2010-06-22 21:33:19

Thanks! It's not causing us problems... we just wanted to know if we should go ahead and start filtering it out of our error log emails. :)

Ein2015 2010-06-22 21:56:47

ansaurus

tags:

views:

answers:

What software is sending User-Agent "Test Certificate Info"?

related questions