This document is not intended to be a definitive guide, but more of a review of the specific commonly identified issues resulting from the inappropriate deployment of SSL certificates on internal services within a corporate environment.
Whilst this document is not intended to be definitive, Portcullis believes that it should provide a high level summary of the issues that are typically present in such an environment, along with proposals as to how they can be mitigated.
