CRITICAL | This severity level implies that the process always/usually works badly. |
MAJOR | This severity level implies that the process works badly in some cases. |
MEDIUM | This flaw results in unfavorable behavior but the system remains functioning. |
LOW | This type of flaw won’t cause any major breakdown in the system. |
List of identified issues in this category (click on the title to show details)
NET-001: Incomplete SSL certificate chain
Description | A website with this SSL misconfiguration might work fine in the browser, but it won't work for clients that do not support AIA Fetching, e.g. in Python. The error can be reproduced with `curl`, it will return error: "curl: (60) SSL certificate problem: unable to get local issuer certificate". The website can be also tested on https://www.ssllabs.com/ssltest/index.html . |
---|
Estimated severity | CRITICAL |
---|
Examples | |
---|
Suggested action | Test your website, configure properly your webserver |
---|
How communicated | Monitoring system 11 HEIs (6 providers) in PROD, 9 HEIs (7 providers) in DEV |
---|
NET-002: Expired SSL certificate
Description | Expired SSL certificate |
---|
Estimated severity | CRITICAL |
---|
Examples | |
---|
Suggested action | The certificate needs to be renewed |
---|
How communicated | Monitoring system At least 3 HEIs (2 providers) in PROD, 39 HEIs (9 providers) in DEV |
---|