Description

One of the TLS/SSL certificates sent by your server has either expired or is not yet valid.

Most web browsers will present end-users with a security warning, asking them to manually confirm the authenticity of your certificate chain. Software or automated systems may silently refuse to connect to the server.

This alert is not necessarily caused by the server (leaf) certificate, but may have been triggered by an intermediate certificate. Please refer to the certificate serial number in the alert details to identify the affected certificate.

Remediation

Verify Start Date and/or End Dates of your SSL Certificate.

Related Vulnerabilities

Spring Boot Misconfiguration: Actuator endpoint security disabled

SAP NetWeaver server info information disclosure BCB

PHP session.use_trans_sid enabled

Internet Information Server returns IP address in HTTP header (Content-Location)

Directory listings

Severity

Medium

Classification

CWE-298 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Tags

Configuration