Main Menu

Stay Connected

Join my mailing list and stay informed of all the lasted news and blog posts!

Get Social

Because the HTTPS inspection product manages the protocols, ciphers, and certificate chain, the product must perform the necessary HTTPS validations. Failure to perform proper validation or adequately convey the validation status increases the probability that the client will fall victim to MiTM attacks by malicious third parties.

Organizations using any HTTPS inspection should verify that they properly validate certificate chains and passes any warnings or errors to the client. A partial list of products that may be affected is available at The Risks of SSL Inspection [1]. Organizations may use badssl.com [3] as a method of determining if their preferred HTTPS inspection product properly validates certificates and prevents connections to sites using weak cryptography. At a minimum, if any of the tests in the Certificate section of badssl.com prevent a client with direct Internet access from connecting, those same clients should also refuse the connection when connected to the Internet by way of an HTTPS inspection product.

Read the Full report Here.

Leave your comments

Post comment as a guest

0
Your comments are subjected to administrator's moderation.
terms and condition.
  • No comments found

Site Disclaimer

thechrisbertschlogo

The content provided with this site is for article purposes only.
All images and content (C) the original authors.

Contact Me

Contact Me

I'm excited to hear from you!

You can contact me via my Contact Page. If you'd prefer to give me a ring you can always call me at: 6052901990

My Address

923 N Main St. Aberdeen, South Dakota, United States 57401

Get Social

Newsletter Subscribe