SSL Certificate Chain Contains Weak RSA Keys
Medium Nessus Plugin ID 60108
SynopsisThe X.509 certificate chain used by this service contains certificates with RSA keys shorter than 1024 bits.
DescriptionAt least one of the X.509 certificates sent by the remote host has a key that is shorter than 1024 bits. Such keys are considered weak due to advances in available computing power decreasing the time required to factor cryptographic keys.
Some SSL implementations, notably Microsoft's, may consider this SSL chain to be invalid due to the length of one or more of the RSA keys it contains.
SolutionReplace the certificate in the chain with the weak RSA key with a stronger key, and reissue any certificates it signed.