The system must not use expired digital certificates.
CWE-299: Improper Check for Certificate Revocation. The software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.
OWASP-ASVS v4.0.1 V9.2 Server Communications Security Requirements.(9.2.4) Verify that proper certification revocation, such as Online Certificate Status Protocol (OCSP) Stapling, is enabled and configured.
Corporate member of The OWASP Foundation
Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.
