Publication Date – September 11, 2023
⇤ TLS/SSL Certificates Findings
GOOD
| Message | Description | Remediation Instructions |
|---|---|---|
| Large number of DNS Names | This certificate secures more than 25 DNS names, allowing for a greater possibility of malicious use and a larger impact if the certificate is compromised. | Consider reducing the number of DNS names secured by the certificate. |
| Symantec CAs will be distrusted in Chrome | The certificate is still trusted in the official Chrome build and in beta, but may be scheduled for distrust. | If your organization has certificates from Symantec Certificate Authorities (CA), check the Chrome release timeline to see if and when your organization should replace its certificates. |
FAIR
| Message | Description | Remediation Instructions |
|---|---|---|
| Symantec certificate distrusted in Chrome Beta | The certificate is still trusted in the official Chrome build, but not in Beta. | Obtain and implement a replacement certificate from a Certificate Authority trusted by Chrome. See the Chrome release timeline for more details. |
WARN
| Message | Description | Remediation Instructions |
|---|---|---|
| DSA public key is less than 2048 bits | Keys shorter than 1024 bits can be broken with consumer devices. A key length of 2048 bits is recommended. | Your TLS certificate will need to be re-issued or regenerated by your certificate provider with a Digital Signature Algorithm (DSA) public key strength greater than or equal to 2048 bits. |
| Elliptic curve public key is less than 224 bits | Keys shorter than 224 bits may be insecure. | Your SSL certificate will need to be re-issued or regenerated by your SSL provider with an elliptic curve parameter greater than or equal to 224 bits. |
| No root certificate in chain | The root certificate in this chain is signed by an unknown certificate authority. | Use an SSL certificate signed by an industry certificate authority provider which resolved to a known CA. See the list of common providers. |
| RSA public key is less than 2048 bits | RSA keys shorter than 2048 bits may be insecure. According to the NIST’s Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, keys above 1024 bits and below 2048 bits are acceptable only for legacy use. | Your TLS certificate will need to be re-issued or regenerated by your certificate provider with an RSA public key strength greater than or equal to 2048 bits. |
| Self-signed certificate | This certificate was signed by the same server that is hosting the domain, rather than a trusted certificate authority. In these cases, the “Subject” and “Issuer” fields will be the same. Self-signed certificates can be easily compromised and are flagged by most browsers. For more information about the dangers of self-signed certificates, see Thawte’s The Hidden Costs of Self-Signed SSL Certificates. | Use a TLS certificate signed by an industry Certificate Authority provider that resolves to a known Certificate Authority. Refer to the list of common providers. |
| Symantec certificate distrusted in Chrome | The certificate is distrusted in the official Chrome build. | Obtain and implement a replacement certificate from a Certificate Authority trusted by Chrome. See the Chrome release timeline for more details. |
BAD
| Message | Description | Remediation Instructions |
|---|---|---|
| Certificate was issued for a date in the future | This certificate becomes valid after today’s date. Traffic to this host may not be encrypted. Your certificate provider may have misconfigured it, or if self-signed, was not issued appropriately. | Obtain and install a certificate that is valid for today’s date. |
| DSA public key is less than 1024 bits | Keys shorter than 1024 bits can be broken with consumer devices. A key length of 2048 bits is recommended. | Your TLS certificate will need to be re-issued or regenerated by your certificate provider with a Digital Signature Algorithm (DSA) public key strength greater than or equal to 2048 bits. |
| Elliptic curve public key is less than 160 bits | Keys shorter than 160 bits can be broken with consumer devices. A key length of 224 bits is recommended. | An EC parameter of 224 bits or more is recommended. Your TLS certificate will need to be re-issued or regenerated by your ECC provider with an elliptic curve parameter greater than or equal to 160 bits. |
| Expired certificate | This certificate has expired. While the traffic to the host is still encrypted, it may be vulnerable to new attacks. | Obtain and install an updated certificate from an industry certificate authority as soon as possible. |
| Insecure signature algorithm: MD2 | MD2 is not collision-resistant and its support has been discontinued. | Your TLS certificate uses a signing algorithm that’s no longer supported by the security industry. Renew your TLS certificate with your certificate vendor and specify a stronger signature algorithm, such as SHA-256. |
| Insecure signature algorithm: MD5 | MD5 is not collision-resistant and its support has been discontinued. | Your TLS certificate uses a signing algorithm which is no longer supported by the security industry. Renew your TLS certificate with your certificate vendor and specify a stronger signature algorithm, such as SHA-256. |
| Insecure signature algorithm: SHA1 | SHA-1 is vulnerable to partial-message collision attacks; Internet Explorer, Chrome, and Firefox will not accept SHA-1-signed certificates starting in 2017. | Your TLS certificate uses a signing algorithm which is no longer supported by the security industry. Renew your TLS certificate with your certificate vendor and specify a stronger signature algorithm, such as SHA-256. |
| RSA public key is less than 1024 bits | Keys shorter than 1024 bits can be broken with consumer devices. | A key length of 2048 bits is recommended. Your TLS certificate will need to be re-issued or regenerated immediately by your TLS provider with an RSA public key strength greater than 1024 bits. |