Skip to main content

Use internally signed certificates

Summary​

The organization must use certificates signed by valid internal certification authorities when these are for internal applications.

Description​

Internally signed certificates refers to the practice of an organization issuing its own digital certificates for internal purposes, instead of obtaining them from a third-party Certificate Authority (CA). This approach is common in internal network environments where the certificates are primarily used for securing communication within the organization.

Supported In​

This requirement is verified in following services

PlanSupported
Essential🔴
Advanced🟢

References​

Vulnerabilities​

free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.