Create a Post
Showing results for 
Search instead for 
Did you mean: 

Untrusted TLS/SSL server X.509 certificate

When a Vulnerability scanner is run in a network then it shows this vulnerability for firewall.

Untrusted TLS/SSL server X.509 certificate. 



The server's TLS/SSL certificate is signed by a Certification Authority (CA) that is not well-known or trusted. This could happen if: the chain/intermediate certificate is missing, expired or has been revoked; the server hostname does not match that configured in the certificate; the time/date is incorrect; or a self-signed certificate is being used. The use of a self-signed certificate is not recommended since it could indicate that a TLS/SSL man-in-the-middle attack is taking place

0 Kudos
1 Reply

This isn't really a vulnerability so much as it's an FYI.
By default, the Gaia WebUI uses a self-signed certificate.
This is normal and expected.
You can change the certificate to one signed by a trusted CA if you wish.