Sample output from the report:
Alarm: Test root certificates are allowed.
Risk: Any usage of X.509 certificates for signing or encrypting is unsafe. An active attacker can generate valid test certificates, then for instance use these certificates to sign any message.
Advice: Do not use test keys in production: set the attribute allowTestRoot=”false” in the