Authentication

Azure Key Vault Certificate without Certificate Transparency

Platform(s)
Compliance Frameworks

Description

Azure Key Vault Certificate {AzureKeyVaultCertificate} does not have certificate transparency enabled. To guard against SSL/TLS certificates that are issued by mistake or by a compromised CA, some browsers require that public certificates issued for your domain be recorded in a certificate transparency log. The log records the domain name but not the private key. Certificates that are not logged typically generate an error in the browser.
Recommended Mitigation

It is recommended to enable certificate transparency.
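
One way to run the check described above across a vault's certificates, added here as an example and not taken from the product that publishes this rule. It assumes the field layout `policy.issuerParameters.certificateTransparency` as printed by `az keyvault certificate show`; the certificate names, the issuer name `ExampleCA` and the `ignore_issuers` parameter are constructed for illustration.

```python
import json

# Constructed sample: trimmed to the fields this check reads, in the layout
# assumed for `az keyvault certificate show` output. All names are made up.
SAMPLE = json.loads("""
[
  {"name": "web-frontend", "policy": {"issuerParameters": {"name": "ExampleCA", "certificateTransparency": true}}},
  {"name": "api-gateway", "policy": {"issuerParameters": {"name": "ExampleCA", "certificateTransparency": false}}},
  {"name": "legacy-portal", "policy": {"issuerParameters": {"name": "ExampleCA", "certificateTransparency": null}}},
  {"name": "internal-test", "policy": {"issuerParameters": {"name": "Self", "certificateTransparency": null}}},
  {"name": "imported-cert", "policy": null}
]
""")


def ct_findings(certs, ignore_issuers=()):
    """Return one finding per certificate whose policy does not set
    certificateTransparency to true. A null value, false, a missing key
    and a missing policy are all treated as "not enabled"."""
    findings = []
    for cert in certs:
        policy = cert.get("policy") or {}
        issuer = policy.get("issuerParameters") or {}
        issuer_name = issuer.get("name")
        # Hypothetical scoping knob: skip issuers the reviewer has decided
        # are out of scope (for example self-signed test certificates).
        if issuer_name in ignore_issuers:
            continue
        value = issuer.get("certificateTransparency")
        if value is True:
            continue
        findings.append({
            "certificate": cert.get("name"),
            "issuer": issuer_name,
            "certificateTransparency": value,
        })
    return findings


if __name__ == "__main__":
    for finding in ct_findings(SAMPLE):
        print(finding)
```

The issuer name is kept in each finding so that a reviewer can separate certificates from a public CA, which is the case the description is about, from self-signed ones.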