diff --git a/CHANGELOG b/CHANGELOG
index aa7e013e2..a8a6349c3 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -25,10 +25,13 @@ o [Windows] Add support for the new loopback behavior in Npcap 0.9983. This
Adapter to be installed, which was a source of problems for some users.
[Daniel Miller]
-o [NSE][GH1837] Nmap no longer crashes when SMB scripts, such as smb-ls, call
+o [NSE][GH#1876] XML output from script ssl-cert now includes RSA key modulus
+ and exponent [nnposter]
+
+o [NSE][GH#1837] Nmap no longer crashes when SMB scripts, such as smb-ls, call
smb.find_files [nnposter]
-o [NSE][GH1802] The MongoDB library was causing errors when assembling protocol
+o [NSE][GH#1802] The MongoDB library was causing errors when assembling protocol
payloads. [nnposter]
o [NSE][GH#1781][GH#1796] The RTSP library was not correctly generating request
diff --git a/scripts/ssl-cert.nse b/scripts/ssl-cert.nse
index d22becf48..4fecf3d0a 100644
--- a/scripts/ssl-cert.nse
+++ b/scripts/ssl-cert.nse
@@ -7,6 +7,7 @@ local string = require "string"
local table = require "table"
local tls = require "tls"
local unicode = require "unicode"
+local have_openssl, openssl = pcall(require, "openssl")
description = [[
Retrieves a server's SSL certificate. The amount of information printed
@@ -101,6 +102,8 @@ certificate.
--
-- rsa
-- 2048
+-- DF40CCF2C50A0D65....35B5927DF25D4DE5
+-- 65537
--
-- sha1WithRSAEncryption
--
@@ -212,7 +215,18 @@ local function output_tab(cert)
local o = stdnse.output_table()
o.subject = name_to_table(cert.subject)
o.issuer = name_to_table(cert.issuer)
- o.pubkey = cert.pubkey
+ o.pubkey = {}
+ for k, v in pairs(cert.pubkey) do
+ local out = v
+ if have_openssl and type(v) == "userdata" then
+ if k == "exponent" then
+ out = openssl.bignum_bn2dec(v)
+ else
+ out = openssl.bignum_bn2hex(v)
+ end
+ end
+ o.pubkey[k] = out
+ end
o.extensions = cert.extensions
o.sig_algo = cert.sig_algorithm
o.validity = {}