Identity Management / SSL Certificate Cannot Be Trusted

Infrastructure

Description

SSL Certificate Cannot Be Trusted is a vulnerability that occurs when an SSL/TLS certificate cannot be successfully verified and therefore is not trusted. This may be due to several reasons:

  • The top of the certificate chain may not descend from a known public certificate authority.
  • The certificate chain may contain a certificate that is not valid at the time of checking.
  • The certificate chain may contain a signature that does not match the certificate or could not be verified.

Risk

This vulnerability can indicate that man-in-the-middle attacks could be possible, as the original certificate cannot be trusted and an attacker may equally present a certificate that cannot be trusted. This could allow attackers to undermine the confidentiality and integrity of the communication.

Solution

The best solution to remediate the vulnerability of SSL Certificate Cannot Be Trusted is to ensure that all SSL certificates can be properly validated and the certificate chain is valid.

Curious? Convinced? Interested?

Arrange a no-obligation consultation with one of our product experts today.