Certificate RSA Key Bytes Lower Than 256
- Query id: 874d68a3-bfbe-4a4b-aaa0-9e74d7da634b
- Query name: Certificate RSA Key Bytes Lower Than 256
- Platform: Terraform
- Severity: Medium
- Category: Insecure Configurations
- URL: Github
Description¶
The certificate should use a RSA key with a length equal to or higher than 256 bytes
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_api_gateway_domain_name" "example" {
certificate_body = file("./rsa1024.pem")
domain_name = "api.example.com"
}
Positive test num. 2 - tf file
resource "aws_iam_server_certificate" "test_cert2" {
name = "some_test_cert"
certificate_body = file("./rsa1024.pem")
private_key = <<EOF
-----BEGIN RSA PRIVATE KEY-----
[......] # cert contents
-----END RSA PRIVATE KEY-----
EOF
}