Certificate-Not-Sent-SMTP/EN
Verification of certificate transmission
If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.
Result positive | Server send a certificate |
Result negativ | Server does not send a certificate |
Description | The server has not sent any certificate. This is unusual and should not happen. The server should check its TLS configuration and disable anonymous cipher suites if necessary. |
Background | It is theoretically possible to configure a TLS server so that it does not send any certificate to identify itself and only encrypts it without signing its Public Key. A client who wants to connect to the server cannot check if he is really talking to the server he expects. This type of configuration is extremely rare. |
Consequence | Without certificate attackers can spy on your communication. Criminals could anonymously access your customers' personal data such as passwords. |
Solution/Tips | If Server does not send certificate was reported, update the TLS implementation you used urgently. Modern software no longer allows this type of configuration. |