Protocol: SSL Certificate¶

Identifier: ssl_certificate

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

SSL certificates can be misconfigured, expired, or use weak encryption, making secure connections vulnerable to interception or manipulation, potentially allowing man-in-the-middle attacks and data breaches.

How we test: We analyze SSL/TLS certificates to detect if they are expired, misconfigured, or use weak encryption algorithms. We check certificate validity, chain of trust, and encryption strength to verify if connections are properly secured.

References:

https://www.thesslstore.com/blog/what-happens-when-your-ssl-certificate-expires/

Configuration¶

Example¶

Example configuration:

---
security_tests:
  ssl_certificate:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.