What software is sending User-Agent "Test Certificate Info"?

user-agent

Google is surprisingly mute on this issue.

In my company's web software error logs, we're seeing multiple individuals with an Apache access log entry that has this in it: ... HTTP/1.1" 500 - "-" "Test Certificate Info"

I have no clue what piece of software this comes from or why it's sending us requests with malformed URLs... but it'd be nice to find out... and perhaps to correct it if it's open source software. :)

(This might be a ServerFault question, but I'm a developer so I figured I'd ask here first.)


Solution 1:

My guess someone read this and didn't end up changing the example code.

Solution 2:

It's used in some sample code on an MSDN blog for getting SSL cert info. So basically it could be any C++ app which has lifted the code from there, or used that as a basis. Or any other app which happens to use the same UA string, of course.

The point in the sample is just to complete the SSL handshake so it can get certificate info, and it seems to pass in an awful lot of NULLs to HttpOpenRequest, so the error is to be expected and rather inconsequential.

Related

Add Source in a subdirectory to a cmake project
C++ ifstream failbit and badbit
C# 4: Real-World Example of Dynamic Types
Turing machine vs Von Neuman machine
iOS5 NSURLConnection methods deprecated
JavaFX 2.1: Toolkit not initialized
What is the booting process for ARM?
Meaning of "=~" operator in shell script [duplicate]
Subprocess check_output returned non-zero exit status 1
How to interpret Poolallocator messages in tensorflow?
How are mutexes implemented?
Visual Studio stuck at "build must be stopped before the solution can be closed"