Home
Support Forums

SSL vulnerablity as Heartbleed and Poodle(TLS)

A SSL checker, Check Website Security | DigiCert SSLTools, says my site on Netlify has some SSL vulnerablities of Heartbleed and Poodle (TLS), whose URL is https://je-exam.edu.dhc.co.jp.

I have successfully installed the certificates with Netlify Custom SSL.

  • Does anyone know solutions to those?
  • Which causes this problems, Netlify servers or my app based on GatsbyJS.

Thanks.

Yasushi

Hi @y.kato

In fact it does not say those vulnerabilities exist, it says

We couldn’t check for Heartbleed.

and

We couldn’t check for Poodle (TLS).

meaning it was unable to check for those vulnerabilities. One of the reasons given is

An intrusion prevention system has closed external connections to the Internet.

This is possibly due to you having your site password protected. This is not the reason as I tested one of my sites that does not have a password and received the same result.

1 Like

@coelmay

Thank you for the useful answer. Actually, we are under proxy. I’ll discuss with a tester.

Hi, @y.kato. I also checked that site and the SSL certificate is one that someone uploaded to our service. That is not an SSL certificate created using Netlify.

If there are problems with that SSL certificate, you will need to either upload a new one or revert to the automatic SSL that Netlify provides via Let’s Encrypt.