Failure to identify an invalid or expired SSL certificate error at the time of VM connectivity
If the SSL certificate for VMWare connections is invalid or expired, it is not getting addressed. All types of certificates are considered as valid certificates.
References: CWE-295 CWE-296 CWE-300
Spotlight will check for the SSL certificate errors. If certificate for connection is valid, then it will work normally. If SSL certificate is invalid due to any reason such as certificate expiration, invalid certificate due any parameter, then warning message will be displayed on connection window stating as “Spotlight has detected invalid or expired SSL certificate.” As shown in the attached screenshot.
To verify the validity of an SSL certificate, check for SSL certificate errors. If the error count is 0 or no errors are found, the certificate is considered valid. There are three types of SslPolicyErrors:
| Name | Value | Description |
|---|---|---|
| None | 0 | No SSL policy errors. |
| RemoteCertificateNotAvailable | 1 | The certificate is not available. |
| RemoteCertificateNameMismatch | 2 | The certificate name does not match the hostname. |
| RemoteCertificateChainErrors | 4 | The certificate chain contains errors. |
