WebX Auditor

TLS certificate not expired or near expiry

The TLS certificate must be currently valid and not within 14 days of expiry. An expired certificate breaks HTTPS for every visitor and is a common, entirely avoidable government-site outage.

Security OWASP ASVS V9.1.1 (valid certificate) Advanced Security Audit
In short

The TLS certificate is expired or expiring within 14 days. This check is fully automated — the scanner returns a definitive pass or fail.

How to fix it

Renew the certificate and automate renewal (ACME/Let's Encrypt or your CA's automation) with alerts at least 30 days before expiry.

Standards this maps to

Frameworks that require this

Advanced Security Audit

Severity

critical — a blocking issue that should be fixed first.

Scans this and 300+ other checks across accessibility, SEO, security & speed — first audit free.

Related checks

Contingency Management PlanData ProtectionSQL Injection ProtectionXSS Protection (CSP preferred over X-XSS-Protection)CSRF Token ValidationSecure File UploadInput ValidationTLS 1.2+ EnforcementSecurity Headers CSP and HSTSCookie Security Flags