GOOD
Certificate duration exceeds best practice: Rating will drop to WARN on August 18, 2019
Description: The maximum duration of TLS/SSL certificates is set to 825 days. This applies to certificates issued after March 1, 2018. Learn more…
Remediation Tips: Review the best practices and obtain a valid and up-to-date TLS certificate from a certificate authority.
FAIR
SMTP server allows protocol TLSv1.1 or lower
Description: The Simple Mail Transfer Protocol (SMTP) server allows unsupported TLS protocols (TLSv1.1 or lower) in addition to secure protocols (TLSv1.2 or greater). In some cases, TLS 1.0/1.1 may be necessary to support older SMTP clients. However, because of the security issues associated with these protocols, it is recommended to disable support for them as soon as possible.
Remediation Tips: Configure the SMTP server to support TLSv1.2 or greater. See our guide for remediating TLS/SSL Configuration findings.
WARN
Broken certificate chain
Description: The server is missing intermediate certificates provided by your certificate vendor or the existing certificate is not trusted.
Remediation Tips: Regenerate or reinstall the certificate. Refer to Remediation Verification: Missing Intermediate Certificates or Untrusted Root Anchor for details on missing intermediate certificates.
Certificate duration exceeds best practice
Description: The maximum duration of TLS/SSL certificates is set to 825 days. This applies to certificates issued after March 1, 2018. Learn more…
Remediation Tips: Review the best practices and obtain a valid and up-to-date certificate from a valid certificate authority. See our approved certificate authorities list.
Certificate Name Mismatch
Description: The hostname does not match the certificate's "Common Name" (CN) or "Subject Alternative Names" (SAN), which indicates a misconfiguration.
Remediation Tips: See our guide for remediating TLS/SSL Configuration findings.
Certificate with non-standard root
Description: The root certificate used to sign this certificate is not from a trusted authority.
Remediation Tips: Obtain an updated TLS certificate from a trusted certificate authority. See our approved certificate authorities list.
Diffie-Hellman prime is less than 2048 bits
Description: Primes shorter than 2048 bits are estimated to be breakable by adversaries with nation-state-level resources.
Remediation Tips: Use a 2048-bit key. See our guide for checking the Diffie-Hellman prime value. If this value is less than 2048 bits, generate a new prime. See the WeakDH, "Guide to Deploying Diffie-Hellman for TLS" for a list of common products.
DSA public key is less than 2048 bits
Description: Keys shorter than 1024 bits can be broken with consumer devices. A key length of 2048 bits is recommended.
Remediation Tips: Your certificate will need to be re-issued or regenerated by your certificate provider with a DSA public key strength greater than or equal to 2048 bits.
Missing intermediate certificates or untrusted root anchor
Description: The certificate chain received from the server is incomplete or not signed by a known trust anchor. See how the TLS/SSL Configurations risk vector is assessed.
Remediation Tips: The server is either missing intermediate certificates provided by your certificate vendor or the existing certificate is not trusted. Regenerate or reinstall the certificate. Refer to Remediation Verification: Missing Intermediate Certificates or Untrusted Root Anchor for details on missing intermediate certificates and the approved certificate authorities list.
No root certificate in chain
Description: The root certificate in this chain is signed by an unknown certificate authority.
Remediation Tips: Obtain an updated TLS certificate from a trusted certificate authority, or limit access to the certificate to specific resources (for example, private networks). See our guide for remediating TLS/SSL Configuration findings.
BAD
Allows insecure cipher: Export Ciphers
Description: This server accepts the RSA_EXPORT cipher suite, making it susceptible to the FREAK attack.
Remediation Tips: Update your company web server software to disable export cipher suites. For all major server software (IIS, Apache, nginx, etc), refer to the Guide to Deploying Diffie-Hellman for TLS for explicit instructions, which also applies to SSL v2 and v3.
Allows insecure protocol: TLSv1.0
Description: TLS version 1.0 has been deprecated.
Remediation Tips: Disable TLS 1.0. See our guide for remediating TLS/SSL Configuration findings.
Allows insecure protocol: TLSv1.1
Description: TLS version 1.1 has been deprecated.
Remediation Tips: Disable TLS 1.1. See our guide on verifying TLS is disabled.
Allows insecure protocol: SSLv2
Description: This protocol has been deprecated for some time and has many known security vulnerabilities, such as the DROWN attack.
Remediation Tips: Disable SSLv2. See our guide for verifying that TLS has been disabled.
Allows insecure protocol: SSLv3
Description: This protocol is vulnerable to the POODLE attack.
Remediation Tips: Disable SSLv3. See our guide for remediating TLS/SSL Configuration findings.
Allows protocol: TLSv1.1
Description: TLS version 1.1 has been deprecated.
Remediation Tips: Disable TLS 1.1. See our guide for remediating TLS/SSL Configuration findings.
Certificate was issued for a date in the future
Description: This certificate becomes valid after today's date. Traffic to this host may not be encrypted. Your TLS/SSL provider may have misconfigured the certificate, or if self-signed, was not issued appropriately.
Remediation Tips: Obtain and install a certificate that is valid for today's date. See our guide for remediating TLS/SSL Configuration findings.
Diffie-Hellman prime is very commonly used
Description: A common Diffie-Hellman prime indicates poor server-side TLS configuration; servers with common primes are more susceptible to compromise, as demonstrated by the Logjam attack.
Remediation Tips: See our guide for checking the Diffie-Hellman prime value. If this value is still seen as common, generate a new prime. See the WeakDH, "Guide to Deploying Diffie-Hellman for TLS" for a list of common products.
Diffie-Hellman prime is less than 512 bits
Description: Primes shorter than 512 bits are estimated to be breakable by adversaries with consumer-level and academic-level resources.
Remediation Tips: Use a key length of 2048 bits. See our guide for checking the Diffie-Hellman prime value. If this value is less than 2048 bits, generate a new prime. See the WeakDH, "Guide to Deploying Diffie-Hellman for TLS" for a list of common products.
Diffie-Hellman prime is less than 1024 bits
Description: Primes shorter than 1024 bits are estimated to be breakable by adversaries with consumer-level and academic-level resources.
Remediation Tips: Use a 2048-bit key. See our guide for checking the Diffie-Hellman prime value. If this value is less than 2048 bits, generate a new prime. See the WeakDH, "Guide to Deploying Diffie-Hellman for TLS" for a list of common products.
Diffie-Hellman public key is very commonly used
Description: A common public key indicates poor server-side TLS configuration or private keys are used more than once on separate servers.
Remediation Tips: Check your server for any improperly implemented crypto libraries, and make sure that all libraries (SSL, etc) are up to date. Use a TLS implementation of your choice to generate a new Diffie-Hellman group for your server. Refer to the Guide to Deploying Diffie-Hellman for TLS to learn more.
Elliptic curve public key is less than 160 bits
Description: Keys shorter than 160 bits can be broken with consumer devices. A key length of 224 bits is recommended.
Remediation Tips: An EC parameter of 224 bits or more is recommended. Your certificate will need to be re-issued or regenerated by your ECC provider with an elliptic curve parameter greater than or equal to 160 bits.
Elliptic curve public key is less than 224 bits
Description: Keys shorter than 224 bits may be insecure.
Remediation Tips: Your certificate will need to be re-issued or regenerated by your certificate provider with an elliptic curve parameter greater than or equal to 224 bits.
Malformed certificate
Description: There is a problem with the certificate that may render it ineffective.
Remediation Tips: Obtain updated leaf certificates from your certificate vendor.
Malformed public key
Description: There is a problem with the public key that may render it ineffective. The key may not have been produced or configured properly.
Remediation Tips: Check that your keys are properly stored. You may need to generate a new public key. Obtain updated certificates from your certificate vendor if necessary.
Short Diffie-Hellman prime is very commonly used
Description: A common Diffie-Hellman prime indicates poor server-side TLS configuration and puts the server at risk for the Logjam attack.
Remediation Tips: See our guide for checking the Diffie-Hellman prime value. If this value is still seen as common, generate a new prime. See the WeakDH, "Guide to Deploying Diffie-Hellman for TLS" for a list of common products.
SMTP server does not support protocol TLSv1.2
Description: The Simple Mail Transfer Protocol (SMTP) server does not support TLS protocol TLSv1.2.
Remediation Tips: Configure the SMTP server to support TLS protocol TLSv1.2 or greater. See our guide for remediating TLS/SSL Configuration findings.
SMTP server does not support protocol TLSv1.2 or greater
Description: The Simple Mail Transfer Protocol (SMTP) server does not support secure TLS protocols (TLSv1.2 or greater).
Remediation Tips: Configure the SMTP server to support TLSv1.2 or greater. See our guide for remediating TLS/SSL Configuration findings.
Vulnerable to Heartbleed
Description: This SSL certificate was generated using the OpenSSL library and has not been updated since the Heartbleed vulnerability was discovered.
Remediation Tips: Ensure your TLS libraries are up-to-date on company servers.
- January 16, 2025: Removed Name Mismatch, which duplicates Certificate Name Mismatch.
- December 21, 2023: Several updates to remediation tips linking to the TLS/SSL Finding Remediation & Remediation Verification guide; Added Certificate with deprecated root message.
- November 29, 2023: Several updates to remediation tips; Added missing messages; Troubleshooting for Missing intermediate certificates or untrusted root anchor.
Feedback
0 comments
Please sign in to leave a comment.