The "SSL/TLS: Certificate Signed Using A Weak Signature Algorithm" test gets confused if a server is using (and presumably sends as part of the TLS handshake) a Root CA certificate that is signed by a weak algorithm.

This check should only be valid for subordinate certificate, that is, certificates signed by a superior CA.  In a self-signed (such as a Root CA) the signature algorithm is irrelevant.

Many organisations still use a SHA1 signed Root CA certificate, and these are flagged up during a scan, if the scanned server is configured to send the Root CA certificate as part of the chain. Note that sending the Root has no security benefit or risk, and is ignored by clients - it is usually due to a misconfigured server.

The 'gb_ssl_weak_hash_algo.nasl' script checks if a certificate is a Root CA certificate (by including CAs.inc) but this only checks if the certificate is on a predefined list of commercial CAs.  I can't add to this list (as far as my understanding goes) as the file is signed.  In my opinion, the NASL should simply check if the Subject and the Issuer are the same.  If they are, there is no reason to check the signature algorithm.

This also affects servers that use a single self-signed certificate for TLS.  While not considered best practice, many do use them.  Again, there is no reason in flagging the signature algorithm of these self-signed certificates as it adds no effective security.  A test of Subject is equal to Issuer would resolve this too.

This may have been discussed previously (Google couldn't find it) as I'm new to OpenVAS.  If it has, please accept my apologies.

Kind regards,


This email has been checked for viruses by Avast antivirus software.

Openvas-discuss mailing list

Reply via email to