2023-03-25 18:30:44 +00:00
id : kubernetes-fake-certificate
info :
2023-03-27 13:31:27 +00:00
name : Kubernetes Fake Ingress Certificate - Detect
2023-03-25 18:30:44 +00:00
author : kchason
severity : low
2023-03-27 13:31:27 +00:00
description : |
Kubernetes Fake Ingress Certificate is a feature in Kubernetes that allows users to create and use fake or self-signed SSL/TLS certificates for testing purposes without having to obtain a real SSL/TLS certificate from a trusted Certificate Authority (CA).
2023-03-27 18:21:24 +00:00
remediation : Purchase or generate a proper SSL certificate for this service.
2023-03-25 18:30:44 +00:00
reference :
- https://snyk.io/blog/setting-up-ssl-tls-for-kubernetes-ingress/
2023-03-27 13:31:27 +00:00
metadata :
2023-06-04 08:13:42 +00:00
verified : true
2023-10-14 11:27:55 +00:00
max-request : 1
2023-03-27 13:31:27 +00:00
shodan-query : ssl:"Kubernetes Ingress Controller Fake Certificate"
tags : ssl,kubernetes,tls,self-signed
2023-03-25 18:30:44 +00:00
ssl :
- address : "{{Host}}:{{Port}}"
matchers :
- type : dsl
dsl :
- 'subject_cn == "Kubernetes Ingress Controller Fake Certificate"'
- 'issuer_cn == "Kubernetes Ingress Controller Fake Certificate"'
condition : or
extractors :
- type : dsl
dsl :
2023-03-25 21:30:31 +00:00
- '"Issuer: " + issuer_cn'
2023-10-20 11:41:13 +00:00
# digest: 490a0046304402203477f360d88cc34471d5fbaf562810738fc16ea9801faca7dda66ad572c80062022058a29195d0d414a471079c22f7610557e03ea8df0cf9cfa67772945d0458db27:922c64590222798bb761d5b6d8e72950