id: kubernetes-fake-certificate info: name: Kubernetes Fake Ingress Certificate - Detect author: kchason severity: low description: | Kubernetes Fake Ingress Certificate is a feature in Kubernetes that allows users to create and use fake or self-signed SSL/TLS certificates for testing purposes without having to obtain a real SSL/TLS certificate from a trusted Certificate Authority (CA). remediation: Purchase or generate a proper SSL certificate for this service. reference: - https://snyk.io/blog/setting-up-ssl-tls-for-kubernetes-ingress/ metadata: max-request: 1 verified: "true" shodan-query: ssl:"Kubernetes Ingress Controller Fake Certificate" tags: ssl,kubernetes,tls,self-signed ssl: - address: "{{Host}}:{{Port}}" matchers: - type: dsl dsl: - 'subject_cn == "Kubernetes Ingress Controller Fake Certificate"' - 'issuer_cn == "Kubernetes Ingress Controller Fake Certificate"' condition: or extractors: - type: dsl dsl: - '"Issuer: " + issuer_cn'