SSL Self-Signed Certificate

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.

Description :

The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL, as anyone could establish
a man-in-the-middle attack against the remote host.

Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.

Solution :

Purchase or generate a proper certificate for this service.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)

Family: General

Nessus Plugin ID: 57582

Bugtraq ID:

CVE ID: