Certificate-Not-Sent/EN: Unterschied zwischen den Versionen
(4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
− | === | + | |
+ | === {{:{{PAGENAME}}/Headline}} === | ||
+ | |||
+ | If the result is positive, there is no need for further action. If the result is negative, please read the following instructions. | ||
{| class="wikitable" | {| class="wikitable" | ||
− | |''' | + | |'''Result positive'''|| {{:{{PAGENAME}}/Positive}} |
+ | |- | ||
+ | |'''Result negativ'''|| {{:{{PAGENAME}}/Negative}} | ||
|- | |- | ||
− | |''' | + | |'''Description'''|| {{:{{PAGENAME}}/Description}} |
|- | |- | ||
− | |''' | + | |'''Background'''|| {{:{{PAGENAME}}/Background}} |
|- | |- | ||
− | |''' | + | |'''Consequence'''|| {{:{{PAGENAME}}/Consequence}} |
|- | |- | ||
− | |''' | + | |'''Solution/Tips'''|| {{:{{PAGENAME}}/Solution_Tips}} |
|} | |} | ||
− | [[Category:Siwecos-Scanner | + | [[Category:Siwecos-Scanner]] |
{{:{{PAGENAME}}/Category}} | {{:{{PAGENAME}}/Category}} | ||
− |
Aktuelle Version vom 7. Mai 2020, 11:39 Uhr
Verification of certificate transmission
If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.
Result positive | Server sends a certificate |
Result negativ | Server does not send a certificate |
Description | The server has not sent a certificate. This is unusual and should not occur. The server should check its TLS configuration and, if necessary, disable anonymous cipher suites. |
Background | It is theoretically possible to configure a TLS server so that it will not send a certificate to identify itself and only encrypt without signing its public key. A client that wants to connect to the server cannot check whether it is really communicating with the server it expects. This type of configuration is very rare. |
Consequence | Without a certificate for your website, attackers can listen in on your communication. Criminals could intercept your customers' personal data, such as passwords or credit card information. |
Solution/Tips | If Server does not send a certificate was reported, urgently update your TLS implementation. Current software no longer allows this type of configuration. |