From 6a8d48f20fcbe0d28847fa21a6171834b565304f Mon Sep 17 00:00:00 2001
From: sg420 <dsoesman@protonmail.com>
Date: Thu, 1 Aug 2024 14:13:05 +1000
Subject: [PATCH] Handle certificate unknown error

Sometimes OpenSSL will throw a certificate unknown error that was
previously not handled, causing sslyze to crash.
---
 sslyze/connection_helpers/tls_connection.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sslyze/connection_helpers/tls_connection.py b/sslyze/connection_helpers/tls_connection.py
index 60963349..c56967e7 100644
--- a/sslyze/connection_helpers/tls_connection.py
+++ b/sslyze/connection_helpers/tls_connection.py
@@ -127,6 +127,7 @@ def _open_socket(server_location: ServerNetworkLocation, network_timeout: int) -
     # enabled in the client; for example client only supports EC cipher suites but server returned an RSA certificate
     "wrong certificate type": "Server returned wrong certificate type",
     "invalid encoding": "TLS error: Invalid encoding",
+    "certificate unknown": "TLS alert: certificate unknown"
 }