Get a demo
AppSec with Zero Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

TLS/SSL Certificate Key Size Too Small

Severity: Medium
Summary#

Invicti detected that certificates used by your server uses a key that is considered weak due to its small key size. The recommended minimum sizes for RSA and ECDSA keys are 2,048 bit and 256 bit, respectively.

Impact#

It can impact both website and the users:

  • Warning error messages displayed by browsers when visiting the site
  • Personal information at risk from man-in-the-middle attacks
  • Reduction in trust as the site becomes insecure
Remediation#

If you are using certificates with weak keys, you will need to migrate to either larger keys, more efficient algorithms, or both.

Classifications#
, ,

Select Category

OR

Search Vulnerability

Related Vulnerabilities

Related Articles

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works