Detectify
Knowledge Base

SSL Subject Alternative Names (SAN)

Last Updated: Apr 22, 2017 12:14AM CEST

A single certificate can list several domain names it is valid for, using the Subject Alternative Name (SAN) extension. Using fewer certificates can simplify the server setup and reduce certificate costs. However, it also means that any user visiting the site can see which other sites share the same certificate.

This in itself is not a vulnerability, but the information can aid an attacker in further attacks.
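As an added example (not part of the Detectify article), the Go program below builds a constructed sample certificate whose SAN extension carries several names, then reads the SAN list back the way any connecting TLS client can, and flags entries outside the zones the site owner expects to disclose. The host names and the `example.com` owned zone are made-up sample values.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"math/big"
	"strings"
	"time"
)

// MakeSANCert builds a self-signed certificate (constructed sample data, not a
// real site certificate) whose subjectAltName extension lists sans; DER output.
func MakeSANCert(sans []string) []byte {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		DNSNames:     sans, // encoded as the SAN extension, readable by any client
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	return der
}

// AuditSANs parses a DER certificate and returns every DNS name in its SAN
// extension plus the subset outside the zones the site owner wants disclosed.
func AuditSANs(der []byte, ownedZones []string) (sans, foreign []string, err error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, nil, err
	}
	for _, n := range cert.DNSNames {
		owned := false
		for _, z := range ownedZones {
			owned = owned || n == z || strings.HasSuffix(n, "."+z)
		}
		if !owned {
			foreign = append(foreign, n)
		}
	}
	return cert.DNSNames, foreign, nil
}
```

Running `AuditSANs` over a real certificate exported from your own server (DER bytes from `pem.Decode`) lists exactly what the finding refers to: every other site name the certificate reveals to visitors.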

What can happen?

An attacker can use the alternative domain names to find other potential targets residing on the same server. By attacking another site on the same server the attacker might eventually be able to take over the initial target.

Remediation

If this is considered a problem, use certificates with a single common name instead. If this is not considered a problem, mark the finding as Accepted Risk and it will be automatically filtered out in the future.

This finding is intended as information that the developers need to be aware of, rather than a warning about a direct vulnerability.
