Details
Alert ID 10205-1
Alert Type Active
Status alpha
Risk Informational
CWE 311
WASC 4
Technologies Targeted All
Tags CWE-311
OWASP_2017_A03
OWASP_2021_A02
OWASP_2025_A04
POLICY_API
POLICY_PENTEST
POLICY_QA_FULL
POLICY_QA_STD
POLICY_SEQUENCE
SYSTEMIC
WSTG-V42-CRYP-01
More Info Scan Rule Help

Summary

Performs HTTPS configuration analysis including certificate details and supported cipher suites.

Solution

Review the HTTPS configuration details and ensure certificates are valid and cipher suites are appropriately configured.

Other Info

Server: example.com
Server Certificate(s):
Subject DN: CN=example.com
Signing Algorithm: SHA256withRSA
Certificate Fingerprint: AA:BB:CC:...
Issuer DN: CN=example.com
Not Valid Before:
Not Valid After:
Certificate Serial Number: 0
Certificate Version: 3
Self Signed Certificate: false
Cipher Suites Supported:
TLS_AES_256_GCM_SHA384(STRONG,TLSv1.3)
TLS_CHACHA20_POLY1305_SHA256(STRONG,TLSv1.3)

References

Code

org/zaproxy/zap/extension/httpsinfo/HttpsConfigScanRule.java