Cert DROWN false positive?

Question asked by Jamie MacIsaac on Mar 16, 2016
Latest reply on Mar 18, 2016 by Shawn Heisey

Hi,

I have a thawte SHA256 SSL certificate (grants.diabetes.org.uk on 185.64.90.230) that's being marked as vulnerable to the DROWN attack because of a similarly named wildcard COMODO RSA Domain Validation Secure Server certificate (*.diabetes.org.uk on 185.17.182.116 and 185.17.182.121) - see SSL Server Test: grants.diabetes.org.uk (Powered by Qualys SSL Labs).

The grants.diabetes.org.uk server has never used the COMODO RSA certificate, yet it's still marked as vulnerable (the servers using the COMODO cert are indeed vulnerable, but they're nothing to do with me). I've looked and can't understand why. Can anybody else shed some light on why grants.diabetes.org.uk is marked as vulnerable?

Cheers,

jmi
