Certificate is Signed Using a Weak Signature Algorithm

Severity: High
Summary#

Invicti detected that a certificate is signed using a weak signature algorithm.

The weak signature algorithm is known to be cryptographically weak and vulnerable to collision attacks.

Impact#
Attackers can observe the encrypted traffic between your website and its visitors by leveraging the use of this vulnerability.
Remediation#
You'll need to generate a new certificate request, and get your CA to issue you a new certificate using SHA-2.
Invicti Logo

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo