Certificate Has Expired
- Query id: c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6
- Query name: Certificate Has Expired
- Platform: Terraform
- Severity: Medium
- Category: Access Control
- URL: Github
Description¶
Expired SSL/TLS certificates should be removed
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: upload a self-signed certificate
community.aws.aws_acm:
certificate: "{{ lookup('file', 'expiredCertificate.pem' ) }}"
privateKey: "{{ lookup('file', 'key.pem' ) }}"
name_tag: my_cert
region: ap-southeast-2
Positive test num. 2 - tf file
resource "aws_api_gateway_domain_name" "example2" {
certificate_body = file("expiredCertificate.pem")
domain_name = "api.example.com"
}