Announcement: Scanafi 2.1 General Access release is live.

Scanafi 2.1 is live and available for download

What is Scanafi?

Scanafi is a lightweight utility that enables you to scan hosts on your internal network for SSL/TLS certificates and potential vulnerabilities.

Scanafi performs network discoveries for certificates on port 443 (default) or a set of well-known ports via SSL/TLS and STARTTLS handshakes. It is available as a single executable file for Windows, Linux, and MacOS operating systems.

What's New in this version?

  1. Ability to scan TLS 1.3 protocol: Scanafi 2.1 can now scan a server if the server has TLS 1.3 implemented.
  2. Multi-port support: You can now specify a list of ports (multi-ports) in the Scanafi config file that you want Scanafi to scan for certificates. 
  3. SNI support: Server Name Indication (SNI) allows the server to safely host multiple TLS certificates for multiple sites, all under a single IP address. It adds the hostname of the server (website) to the TLS handshake as an extension in the CLIENT HELLO message. Scanafi can now scan TLS certificates on multiple sites hosted by a single SNI-configured server.
  4. Setting parameters:  Scanafi2.1 is now configured using a JSON configuration file instead of command-line arguments. The JSON configuration file includes credentials to connect to TPP and Condor servers for certificate data upload. Multiple inputs can be specified in the configuration file, allowing you to scan multiple subnets in a single setting.

 Additionally as part of Scanafi we have removed the support for SSL v2 scanning.

Where can I download Scanafi?

To download Scanafi 2.1, visit our Download Portal.

Where is the documentation?

Documentation is available here

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request