Re: [Openvas-discuss] Private or Corporate CAs

2018-02-02 Thread R0b0t1
On Fri, Feb 2, 2018 at 3:18 PM, Gareth Williams wrote: > Hello, > > The "SSL/TLS: Certificate Signed Using A Weak Signature Algorithm" test gets > confused if a server is using (and presumably sends as part of the TLS > handshake) a Root CA certificate that is signed

[Openvas-discuss] Private or Corporate CAs

2018-02-02 Thread Gareth Williams
Hello, The "SSL/TLS: Certificate Signed Using A Weak Signature Algorithm" test gets confused if a server is using (and presumably sends as part of the TLS handshake) a Root CA certificate that is signed by a weak algorithm. This check should only be valid for subordinate certificate, that