id: untrusted-root-certificate info: name: Untrusted Root Certificate - Detect author: pussycat0x severity: low description: | A root certificate is a digital certificate issued by a trusted certificate authority that acts as a basis for other digital certificates. An untrusted root certificate is a certificate that is issued by an authority that is not trusted by the computer, and therefore cannot be used to authenticate websites or other digital certificates. reference: - https://www.sslmarket.com/ssl/trusted-and-untrusted-certificate - https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/ssl-untrusted-root-certificate/ metadata: verified: true tags: ssl,untrusted ssl: - address: "{{Host}}:{{Port}}" matchers: - type: dsl dsl: - "untrusted == true"