Expired SSL Certificate

ID: expired-ssl

Severity: low

Author: pdteam

Tags: ssl,tls

Description

After an SSL certificate expires, you will no longer be able to communicate over a secure, encrypted HTTPS connection.

YAML Source

id: expired-ssl

info:
  name: Expired SSL Certificate
  author: pdteam
  severity: low
  description: |
    After an SSL certificate expires, you will no longer be able to communicate over a secure, encrypted HTTPS connection.
  remediation: |
    Purchase or generate a new SSL/TLS certificate to replace the existing one.
  reference:
    - https://www.acunetix.com/vulnerabilities/web/tls-ssl-certificate-about-to-expire/
  metadata:
    max-request: 1
  tags: ssl,tls
ssl:
  - address: "{{Host}}:{{Port}}"
    matchers:
      - type: dsl
        dsl:
          - "expired == true"

    extractors:
      - type: kval
        kval:
          - "not_after"
# digest: 490a00463044022003e88d75cd5f8dff92ac5c21095e9297fc8f78ce18957f30fb2d05d657c32644022075500d2d945880f8e810429715faefb2810296e9420e5247ca6c6a2cc8499b12:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "ssl/expired-ssl.yaml"

View on Github