TLS/SSL certificate expired in less than 60 days

Description

During the scan, Kayran managed to find that one of the TLS / SSL certificates used by your server will expire in less than 60 days. TLS / SSL certificates facilitate the encryption of data being transferred.
When the certificate expires, a web browsers will display a security warning to end-users. This warning will be asking them to manually verify the credibility of the certificate on your server.

If the certificate expires, it issues a warning to the user, indicating: “This site is not secure”, or, that “Your connection is not private”, this may lead to users avoiding from accessing or using your site.
Also, an attacker could exploit this vulnerability to carry out Man-In-The-Middle attacks because the traffic was not encrypted.

Recommendation

Renew or Replace your SSL/TLS certificate by contacting the company that provides certification for your server and ask them to renew as soon as possible.

References

https://cwe.mitre.org/data/definitions/295.html

< Return to all Vulnerabilities

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »