How SSL/TLS Certificate Grading works ?
The SSL Certificate Grade is determined based on factors like supported protocols, cipher strength, certificate key exchange size, and the presence of certificate vulnerabilities. The supported grades are as follows:
Grade
| Values
|
A+
| 90 and above |
A
| 80 to 90 |
B+
| 75 to 80 |
B
| 65 to 75 |
C
| 50 to 65 |
D
| 35 to 50 |
E
| 20 to 35 |
F
| Below 20 |
Additional conditions for assigning the grades:
Grade F: Assigned if the SSL/TLS certificate has vulnerabilities such as FREAK or LOGJAM.
Grade C: Assigned if the SSL/TLS certificate has the CRIME vulnerability or if both RC4 and either TLSv1.1 or TLSv1.2 are present.
Grade B: Assigned if the SSL/TLS certificate has any of the following:
BEAST vulnerability
RC4 vulnerability
Lack of Forward Secrecy
Usage of either TLSv1 or TLSv1.1
Lack of AEAD

Note: SSLv2 and SSLv3 protocols are excluded when determining the grade of the SSL/TLS certificate.
New to ADSelfService Plus?
Related Articles
How to monitor SSL Certificate of FTPS server?
To monitor the SSL certificate of an FTPS server, Implicit mode is the recommended method. In this mode, the connection is automatically encrypted as soon as the client connects, making it ideal for monitoring SSL certificates. Implicit Mode (Default ...
Enable TLS 1.2 alone in the EUM Agent
Follow the below steps to enable TLS1.2 alone (disable TLS 1 & 1.1) Open the file server.xml present under EUMAgent\conf\backup folder. Search for the term 'SSLEnabled="true" '. Add the parameter 'sslEnabledProtocols="TLSv1.2" ' to the end of that ...
Resolving Issues When Onboarding SSL-Enabled MySQL Database Servers
Error Message: Connections using insecure transport are prohibited while --require_secure_transport=ON Solution: To overcome this issue follow the steps given below: Execute the following query in the corresponding MySQL shell script: ALTER USER ...
LDAP - Unable to find valid SSL Certificate
If there is an error while adding LDAP Server Monitor with the message "Unable to find valid SSL Certificate", then please try the below steps to troubleshoot the issue. When the error occurs we can find the below traces in the "stderr.txt.*" log ...
Troubleshooting SSL Handshake Error
An SSL Handshake error typically occurs when a secure connection cannot be established due to issues like incompatible SSL protocol versions, ciphers or missing client certificates. Verify URL Accessibility Ensure that the URL you’re monitoring is ...