Protocol: SSL Certificate¶

Identifier: ssl_certificate

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Certificates can go wrong when they're misconfigured, expired, or use weak encryption, which means the secure link you trust becomes vulnerable to interception or manipulation. If a certificate is not set up correctly, attackers might trick users into thinking they're connected to a safe server when they're not, potentially stealing sensitive data or injecting malicious content. Developers often overlook the details like proper certificate validation, keeping up with encryption best practices, or updating protocols, leaving applications open to man-in-the-middle attacks and data breaches.

References:

https://www.thesslstore.com/blog/what-happens-when-your-ssl-certificate-expires/

Configuration¶

Example¶

Example configuration:

---
security_tests:
  ssl_certificate:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.