What are ‘Certificate Risks'?

What are ‘Certificate Risks' and why should I be concerned?

Security certificates are used to create secure connections to a Service via the Internet. A valid certificate is essential in order to protect the contents of the communication in this connection against being intercepted or changed. The most well-known use of certificates is to create secure connections between a web browser and a website but they are also used to secure the connection between applications where no human being is involved.

These risks relate to services which are using security certificates that have either expired, been issued by an untrusted certificate authority, been revoked or been distrusted. This means customers or applications are not able to securely connect to websites using such a certificate. Visitors to a website with an expired, a revoked, invalid or distrusted certificate will see a security warning in their browser and will not be able to visit the site. Applications which use a security certificate to create a secure communication channel to protect data in transit will no longer work if the certificate is expired, revoked, invalid or distrusted. Invalid certificates represent a significant risk to security, business continuity and reputation.