From Syhunt Web Application Security Docs

SyhuntHybrid4: SSLSupport

SSL support in the Syhunt scanner relies on two Dynamic Link Library (DLL) files, SSLeay32.DLL and libeay32.DLL, developed by the OpenSSL Project. When these two DLL files are present then SSL support is available, which means that you can scan secure sites with "https" addresses.

When these two DLL files are not present you cannot use SSL to securely access "https" addresses. You can still scan regular "http" addresses.

OpenSSL Installation

The OpenSLL DLL files Ssleay32.dll and Libeay32.dll do not require any special installation procedure. They just need to be present in order to be automaticaly utilized by the scanner.

The standard Syhunt Suite Setup kit copies the OpenSSL DLLs Ssleay32.dll and Libeay32.dll to the installation directory. The standard ZIP distribution includes these files. But they are strictly optional.

The OpenSSL DLL files are not necessary for the normal functioning of the Syhunt scanner. If the OpenSSL DLL files are not present, the scanner still operates normally but without SSL support.

The scanner automatically detects and adjusts to the presence or absence of the OpenSSL DLLs.

Alternative SSL Support

If for any reason you don't want to use the built-in SSL feature, you can use the stunnel (http://www.stunnel.org/) tool as a replacement.

Note: Both stunnel and the Syhunt's built-in SSL feature rely on SSLeay

Using Client Certificates

The Certificates tab of the Hosts screen allows you to configure the client certificates. To view this screen, switch to the Hosts sidebar, select or enter the desired host and go to Certificates tab.

Retrieved from https://www.syhunt.com/docwiki/index.php?n=SyhuntHybrid4.SSLSupport
Page last modified on December 06, 2013, at 01:29 AM