Secure HyperText Transfer Protocol (S-HTTP) Detection
Medium Nessus Plugin ID 11720
SynopsisThe remote web server encrypts traffic using an obsolete protocol.
DescriptionThe remote web server accepts connections encrypted using Secure HyperText Transfer Protocol (S-HTTP), a cryptographic layer that was defined in 1999 by RFC 2660 and never widely implemented.
SolutionRare or obsolete code is often poorly tested. Thus, it would be safer to disable support for S-HTTP and use HTTPS instead.