SSL Certificate
Description
An SSL certificate secures data exchange, with validity critical for maintaining secure communications.
- Supports specific cipher suites for encryption strength.
- Prefers certain server cipher suites for optimized security.
- May contain wildcard entries for domain coverage.
- Contains essential details such as issuer and validity dates.
- Supports particular SSL/TLS versions for protocol integrity.
Remediation
Renew your SSL certificate.
Configuration
Identifier:
protocol/ssl_certificate
Examples
Ignore this check
checks:
protocol/ssl_certificate:
skip: true
Score
- Escape Severity: HIGH
Compliance
OWASP: API2:2023
pci: 4.1
gdpr: Article-32
soc2: CC1
psd2: Article-95
iso27001: A.14.2
nist: SP800-52
fedramp: SC-17
Classification
- CWE: 295
Score
- CVSS_VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
- CVSS_SCORE: 7.2