June 29, 2010 at 16:45Only 3% of SSL certificates are configured correctly.
Qualys security experts have globally scanned websites for valid SSL certificates . A total of 119 million domains were scanned, of which 92 million were active, then approximately 12.4 million refused to be recognized correctly, 14.6 million did not respond. Of the remaining 34 million, they answered a request to ports 80 and 443. Further analysis showed that SSL was active on approximately 23 million sites.
Most surprisingly, of these 23 million sites, only 3.17% had an SSL certificate that corresponded to the domain name on which it was installed. Qualys presented the results of its study at the Black Hat USA hacker conference.
Most surprisingly, of these 23 million sites, only 3.17% had an SSL certificate that corresponded to the domain name on which it was installed. Qualys presented the results of its study at the Black Hat USA hacker conference.