Troubleshooting Scanafi¶
Here's some useful information to help you troubleshoot the Scanafi utility.
Scanafi log messages and info:
Number | Log Message | Severity | Full Handshake Yes/No | Additonal Info |
---|---|---|---|---|
1 | Unable to get protocols for "IP Address" error:00ff0001 | Critical | No, only Client Hello | 0x00FF0001 => unable to connect, which prevents Scanafi from getting protocols and thus this error is reported. |
2 | Unable to complete scan for "IP Address" | Critical | No, only Client Hello | If you don't have enough information to proceed with scanning this error is shown, for example, if you cannot retrieve protocols (i.e. #1) you cannot scan for ciphers because those are per protocol and you have 0 protocols. |
3 | Received error: Handshake failed when connecting to host | Critical | No, only Client Hello | Connection Error: Handshake can fail for many reasons. It will take effort to classify these situations and report errors for user's eyes instead of log for developers. |
4 | Received error: Unable to connect to host | Critical | No, only Client Hello | Connection Error: unable to connect, which prevents Scanafi from getting certificates |
5 | Received error: Connection timeout connecting to host | Critical | No, only Client Hello | Connection Error: connection timeout while connecting to host |
6 | Received error: Incomplete parameters provided when connecting to host | Critical | No, only Client Hello | Connection Error: incomplete set of parameters provided while connecting to host |
7 | Received error: Received error: Protocol not supported with host | Critical | No, only Client Hello | Connection Error: connection error with invalid list of protocols provided |
8 | Received error: Received error: Internal error received from host | Critical | No, only Client Hello | Connection Error: internal error while connecting to host, no specific reason |
9 | No error: successful connection to host | |||
10 | Invalid code provided | Critical | No, only Client Hello | Connection Error: (unknown error) – i.e. unable to process/map error code returned by internal APIs |
11 | Ciphers for "IP Address" error: "Error #" | Minor | Connection Error: (unknown error) – i.e. unable to process/map error code returned by internal APIs | |
12 | Unable to get ECC named curves for "IP Address" error: "Error #" | Minor | For a protocol negotiated during handshake, unable to get ECC (Elliptic Curve Cryptography) named curves from a host | |
13 | Unable to check secure renegotiation support for "IP Address" error: "Error #" | Minor | Unable to check if secure renegotiation is supported by a host | |
14 | Unable to check compression support for "IP Address" error: "Error #" | Minor | Unable to check if compression is supported by a host | |
15 | Unable to check client initiated renegotiation support for "IP Address" error: "Error #" | Minor | Unable to check if the client-initiated renegotiation is supported by a host |