turbot/net_insights

GitHub
Loading controls...

Benchmark: SSL/TLS Certificate Best Practices

Overview

An SSL certificate (also known as a TLS or SSL/TLS certificate) is a digital document that binds the identity of a website to a cryptographic key pair consisting of a public key and a private key. The certificate includes the public key, which allows a web browser to initiate an encrypted communication session with a web server via the TLS and HTTPS protocols. The private key is kept secure on the server and is used to sign web pages and other documents digitally.

This benchmark performs various standard checks on your domain certificates, for example:

  • Is my certificate valid?
  • Is my certificate expired (or expiring soon)?
  • Is my certificate revoked by the certificate authority (CA)?
  • Is my certificate using any insecure key?

Usage

Browse dashboards and select SSL/TLS Certificate Best Practices:

steampipe dashboard

Or run the benchmarks in your terminal:

steampipe check net_insights.benchmark.ssl_certificate_best_practices

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share net_insights.benchmark.ssl_certificate_best_practices

Controls

Tags