Skip to main content
All CollectionsMonitoringTests
Test: SSL/TLS on Admin Page of Infrastructure Console
Test: SSL/TLS on Admin Page of Infrastructure Console

Drata inspects an HTTPS request to your company infrastructure admin console to determine the presence and status of an SSL certificate.

Updated over 2 years ago

ASSOCIATED DRATA CONTROL

This test is part of the Require Encryption of Web-Based Admin Access control that ensures your company uses encryption to protect user authentication and admin sessions of the internal admin tool transmitted over the Internet.

WHAT TO DO IF A TEST FAILS

If Drata finds that your company infrastructure admin console has an issue with its SSL/TLS configuration it may be that a certificate has either expired or is not from a valid authority the test will fail. The test may also fail in the case where the URL domain does not match the certificate domain.

To remediate a failed test, you will need to work with your infrastructure provider to ensure that the SSL/TLS configuration of your admin console has a valid certificate for the appropriate domain.

STEPS FOR PASSING

Drata performs the following URL checks when testing to validate a successful SSL/TLS connection:

To successfully validate when using Cloudflare, please ensure the following have been connected to Drata by an Admin:

  • Identity Provider

  • Cloudflare

HELPFUL RESOURCES

Did this answer your question?