Detections
Analytics

TLS Web Server Authentication Extension Not Supported

info Web App Scanning Plugin ID 112650

Language:

Synopsis

TLS Web Server Authentication Extension Not Supported

Description

The remote server TLS certificate does not have a Extended Key Usage (EKU) extension specifying the id-kp-serverAuth OID.

Solution

Replace the TLS certificate with a new certificate containing an Extended Key Usage extension (EKU) containing the correct id-kp-serverAuth OID.

See Also

https://tools.ietf.org/html/rfc5280#page-44

https://www.openssl.org/docs/manmaster/man5/x509v3_config.html

Plugin Details

Severity: Info

ID: 112650

Type: remote

Family: SSL/TLS

Published: 11/16/2020

Updated: 11/16/2020

Scan Template: api, basic, config_audit, full, pci, quick, scan, ssl_tls