Qualsys 漏洞 SSL 证书-签名验证失败漏洞

Question

We have 2 environment one for test purpose and one for development both have the cluster configuration. But on test environment we are facing some Vulnerabilities due to SSL certificate.

On Neo4j cluster environment facing some Qualys Vulnerability issue:

SSL/TLS Server supports TLSv1.0
SSL Certificate - Invalid Maximum Validity Date Detected
SSL Certificate - Self-Signed Certificate
SSL Certificate - Subject Common Name Does Not Match Server FQDN
SSL Certificate - Signature Verification Failed Vulnerability

Answer 1

To me it looks like Qualys is just letting you know about some issues with the SSL certificate:

-It's out of date

-It's Self Signed (Not issued by a Trusted Certificate Authority)

-In some configuration there's a common name which is mismatched to the domain name for server Look here: https://discussions.qualys.com/thread/19643-ssl-certificate-subject-common-name-does-not-match-server-fqdn#comment-46647

• Look here for last one: https://discussions.qualys.com/thread/17873-qid-38173-ssl-certificate-signature-verification-failed-vulnerability

It looks to me like your options would be to either change your settings in Qualys per that last link and reissue SSL Certificate to resolve issues, or get SSL Certificate issued by a trusted CA.