Is finding a certificate-issuing instance an issue?

While reconning a target I found an “Entrust Authority Enrollment Server for Web” instance which shows around two dozen certificates for the DEV, TEST and PROD environments. The instance is not secured, so I can see, among other things, Issuer, Valid from, Serial Number, Subject Key Identifier and the part between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- for each certificate.

I am not sure if this is really an issue and whether the certificates are even intended to be public.

On a different subdomain at the same target I found a public directory which also includes (different) certificates for download (.cer, .der and .crl filetypes). Some of them have names like RootCA.cer.

Thanks for your opinion and help!

Hi @0xr49n4r.
From what I understand from “Ease of use” from this document https://www.entrust.com/wp-content/uploads/2013/05/DS_EnrollmentServerWeb_web_Oct08.pdf, it seems that the service is supposed to be public.
Anyway, do your own research to be sure.
Best.
