Invalid certificate chain encountered during redirection

By
Febna V M
Published on
05 Jun 2018
Client Side URL Redirect

A TLS certificate is issued by a certificate authority (CA), and two kinds of CA certificate take part in a typical deployment:

  • Root: self-signed and pre-installed in the trust store of the operating system or browser.
  • Intermediate: issued by a root (or by another intermediate) and used to sign end-user certificates, so that the root key can stay offline.

When a client (usually a web browser) connects over HTTPS, it receives the server's certificate and looks at who issued it. If that issuer is not in its trust store, it looks for the issuer's own certificate, then that certificate's issuer, and so on, until it reaches a trusted root. The ordered list from the end-user certificate up to the root is called the certificate chain. The client accepts the connection only if it can build a complete chain that ends at a trusted root and every signature along it verifies; otherwise it shows a certificate error.

An invalid certificate chain is one where the client cannot build such a path. The most common cause is a server that sends only its own certificate and omits the intermediate CA certificate, leaving nothing that links the server certificate to a trusted root. The same result occurs when an intermediate has expired, was issued by an unknown or untrusted root, or when the certificates are sent out of order. The problem also shows up during HTTP to HTTPS redirection: if the HTTPS endpoint the user is redirected to presents an incomplete chain, the redirect lands on a certificate warning instead of the page.

Impact

An invalid chain does not leak data by itself, but it removes the guarantee the user relies on to tell the real site from an impostor. The browser cannot distinguish the legitimate site's broken chain from a man-in-the-middle presenting a certificate it minted itself, so an attacker positioned on the network path (for example on public Wi-Fi) can:-

  • intercept the redirect and serve a malicious copy of the site to steal credentials or other data, relying on users who have learned to click through the warning this site always shows.
  • show the user false content, which in turn damages the credibility of the website.

Users who meet the same warning on every visit are trained to dismiss it, and clients that never fetch missing intermediates on their own (command-line tools, many mobile apps and API clients) fail outright.

Mitigation / Precaution

Beagle recommends the following:-

  • Set up the TLS certificate properly: install the server certificate together with every intermediate CA certificate (the "full chain" bundle most CAs supply), server certificate first, on every host that terminates HTTPS, including the one the HTTP redirect points to.
  • Do not rely on the browser to fetch a missing intermediate by itself. Some browsers do, many clients do not, so the server must send the complete chain.
  • Re-check the deployed chain after every certificate renewal, for example by connecting with openssl s_client and confirming it reports "Verify return code: 0 (ok)" rather than "21 (unable to verify the first certificate)".
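The chain walk described above and the mitigation just listed, demonstrated offline with openssl as an added example (this is not code from the original article or from Beagle Security). It builds a throwaway PKI (root CA, intermediate CA, server certificate), then validates the server certificate twice: once the way a misconfigured server presents it (leaf alone) and once with the intermediate included. The CA names, www.example.com and the file names are made up for the demo; the only assumption is that an openssl binary (1.1.1 or later) is on the PATH.

```shell
#!/bin/sh
# Added example, not from the original article: build a demo PKI with openssl
# (root CA -> intermediate CA -> server certificate) and show how chain
# validation fails when the server omits the intermediate. All names below
# (Example Root CA, Example Intermediate CA, www.example.com) are made up.

command -v openssl >/dev/null 2>&1 || { echo "openssl is required" >&2; exit 1; }

# One openssl config holding the extension profile for each of the three roles.
write_pki_config() {
    cat > "$1/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[root_ext]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
[int_ext]
basicConstraints = critical, CA:TRUE, pathlen:0
keyUsage = critical, keyCertSign, cRLSign
[leaf_ext]
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:www.example.com
EOF
}

# Create root.pem, int.pem, leaf.pem and fullchain.pem inside directory $1.
build_demo_pki() {
    dir=$1
    write_pki_config "$dir"

    # Root CA: self-signed. Stands in for a certificate in the client's trust store.
    openssl req -x509 -config "$dir/pki.cnf" -extensions root_ext \
        -newkey rsa:2048 -nodes -sha256 -days 365 -subj "/CN=Example Root CA" \
        -keyout "$dir/root.key" -out "$dir/root.pem" 2>/dev/null

    # Intermediate CA: signed by the root, may sign one more level (pathlen:0).
    openssl req -new -config "$dir/pki.cnf" -newkey rsa:2048 -nodes -sha256 \
        -subj "/CN=Example Intermediate CA" \
        -keyout "$dir/int.key" -out "$dir/int.csr" 2>/dev/null
    openssl x509 -req -sha256 -days 365 -in "$dir/int.csr" \
        -CA "$dir/root.pem" -CAkey "$dir/root.key" -CAcreateserial \
        -extfile "$dir/pki.cnf" -extensions int_ext -out "$dir/int.pem" 2>/dev/null

    # Server (end-user) certificate: signed by the intermediate, not by the root.
    openssl req -new -config "$dir/pki.cnf" -newkey rsa:2048 -nodes -sha256 \
        -subj "/CN=www.example.com" \
        -keyout "$dir/leaf.key" -out "$dir/leaf.csr" 2>/dev/null
    openssl x509 -req -sha256 -days 365 -in "$dir/leaf.csr" \
        -CA "$dir/int.pem" -CAkey "$dir/int.key" -CAcreateserial \
        -extfile "$dir/pki.cnf" -extensions leaf_ext -out "$dir/leaf.pem" 2>/dev/null

    # What a correctly configured server must send: leaf first, then the intermediate.
    cat "$dir/leaf.pem" "$dir/int.pem" > "$dir/fullchain.pem"
}

# Misconfigured server: only the leaf is presented. The client trusts the root
# but nothing links the leaf to it, so openssl reports
# "unable to get local issuer certificate" and exits non-zero.
verify_leaf_only() {
    openssl verify -CAfile "$1/root.pem" "$1/leaf.pem"
}

# Correct server: the intermediate travels with the leaf. -untrusted marks it as
# a link the client may use, not as a trust anchor. Exits 0 on success.
verify_full_chain() {
    openssl verify -CAfile "$1/root.pem" -untrusted "$1/fullchain.pem" "$1/leaf.pem"
}

DEMO=$(mktemp -d)
build_demo_pki "$DEMO"

echo "--- leaf only (what a broken server sends) ---"
if verify_leaf_only "$DEMO"; then
    echo "unexpected: chain verified without the intermediate"
else
    echo "chain is INVALID: client cannot reach a trusted root"
fi

echo "--- leaf + intermediate (what a correct server sends) ---"
if verify_full_chain "$DEMO"; then
    echo "chain is VALID"
else
    echo "unexpected: full chain failed to verify"
fi
```

The -untrusted file plays the role of the extra certificates a server sends in its TLS handshake, so the two verify calls mirror the two server configurations. On a real deployment the same distinction is visible with openssl s_client -connect host:443 -servername host, which prints "Verify return code: 21 (unable to verify the first certificate)" when the server sends the leaf alone and "0 (ok)" once the full chain is installed (in nginx, ssl_certificate should point at the concatenated fullchain.pem, not at the leaf by itself).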

Written by
Febna V M
Cyber Security Engineer