Check for the Invalid Curve vulnerability.
If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.
|Result positive||Not vulnerable to Invalid Curve attacks.|
|Result negativ||Vulnerable to Invalid Curve attacks.|
|Description||The server is vulnerable to an Invalid Curve attack. This allows an attacker to steal the private key of your certificate.|
|Background||For cryptographic encryption, elliptic curves must be selected very carefully because the keys are created from certain points on a curve, which is not easy to do.|
|Consequence||The server is vulnerable through an implementation vulnerability that allows an attacker to decrypt the communication and to steal the private key of your certificate.|
|Solution/Tips||If vulnerability was reported, update your TLS implementation on your server immediately.|