From 6c43558975d1d0bdffc100fc94efb385c6675c3a Mon Sep 17 00:00:00 2001
From: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
Date: Fri, 5 Sep 2025 10:47:37 +0100
Subject: [PATCH] Potential fix for code scanning alert no. 313: Information
 exposure through an error message

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .../security/controller/api/ServerCertificateController.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/ServerCertificateController.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/ServerCertificateController.java
index e85d127a6..d2460a9b6 100644
--- a/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/ServerCertificateController.java
+++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/ServerCertificateController.java
@@ -72,7 +72,7 @@ public class ServerCertificateController {
             return ResponseEntity.ok("Server certificate uploaded successfully");
         } catch (IllegalArgumentException e) {
             log.warn("Invalid certificate upload: {}", e.getMessage());
-            return ResponseEntity.badRequest().body(e.getMessage());
+            return ResponseEntity.badRequest().body("Invalid certificate or password.");
         } catch (Exception e) {
             log.error("Failed to upload server certificate", e);
             return ResponseEntity.internalServerError().body("Failed to upload server certificate");