All Collections
Control Tests
Test: SSL Certification has Not Expired
Test: SSL Certification has Not Expired

Drata makes a request to your company website to inspect its SSL/TLS configurations and determine if the SSL certificate is expired.

Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago

ASSOCIATED DRATA CONTROL

This test is part of the SSL/TLS Enforced control that ensures all connections to your company web application from users are encrypted and using SSL/TLS. Drata will confirm that your SSL certificate is valid and has not expired.

WHAT DOMAINS/URLS ARE CHECKED

Company domain and product URL specified in Drata. The Drata company domain may not include the http or https protocol, or the www subdomain. This means Drata is testing the SSL certificate on that domain specifically.

WHAT IT DOES

Looks at the expiration date on the SSL certificate for the domains/urls above.

WHY ARE WE TESTING THIS?

Certificates need to be renewed periodically. This helps ensure that the certificate was obtained by an authorized owner of the website.

WHAT TO CHECK IF IT FAILS

Click the lock in the browser and click on the Certificate details to inspect the Expires field.

STEPS TO REMEDIATE

  1. Renew the certificate with your SSL/TLS provider and install the new certificate on your web server or load balancer.

  2. Navigate to the Account Settings - Company page in Drata

  3. Enter the URL for your Company Website in the Product URL field

HELPFUL RESOURCES

Did this answer your question?