Loading controls...

Control: Use strong and secure private key (at least a 2048-bit RSA or 256-bit ECDSA key)

Description

Private key is the single most important component of your SSL certificate that's used in the encryption/decryption of data sent between your server and the connecting clients. Larger keys are harder to crack, but require more computing overhead. It is recommended to use secure private key algorithm (at least a 2048-bit RSA or 256-bit ECDSA) to make your website secure.

Usage

Run the control in your terminal:

steampipe check net_insights.control.ssl_certificate_secure_private_key

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share net_insights.control.ssl_certificate_secure_private_key

Plugins & Tables

net_certificate

Params

Args	Name	Default	Description	Variable
$1	domain_names	`["github.com","microsoft.com"]`	DNS domain names.	domain_names

SQL

select
  common_name as resource,
  case
    when (
      public_key_algorithm = 'RSA'
      and public_key_length = 2048
    )
    or (
      public_key_algorithm = 'ECDSA'
      and public_key_length = 256
    ) then 'ok'
    else 'alarm'
  end as status,
  common_name || ' uses ' || public_key_length || '-bit ' || public_key_algorithm || ' key.' as reason
from
  net_certificate
where
  domain in (
    select
      jsonb_array_elements_text(to_jsonb($1 :: text [ ]))
  )
order by
  common_name;

turbot/net_insights

Control: Use strong and secure private key (at least a 2048-bit RSA or 256-bit ECDSA key)

Description

Usage

Plugins & Tables

Params

SQL

Steampipe

Resources

Community