AnsweredAssumed Answered

I am getting a vulnerability in my external scan but according to me this can't be true, please suggest what is to be done.

Question asked by Puneet Shrivastava on Mar 12, 2020
Latest reply on Mar 12, 2020 by Keith Shaw

Threat:

An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. The authentication is done by verifying that the public key in the certificate is signed by a trusted third-party Certificate Authority.

If a client is unable to verify the certificate, it can abort communication or prompt the user to continue the communication without authentication.

 

But how this can be true when we are performing scan on IP

Outcomes