Cryptography-related vulnerabilities are part of the OWASP Top 10 2017. They are covered under A3:2017 Sensitive Data Exposure. Some of the vulnerabilities listed under this category are as follows:

• Applications transmitting data in clear text. This concerns protocols such as HTTP, SMTP, and FTP.
• Application using old or weak cryptographic algorithms.
• Application using the default crypto keys.
• Application not enforcing encryption.
• Application not encrypting user sensitive information while in storage.
• Application using an invalid SSL certificate.

Qualys provides an excellent online tool for testing SSL certificates. The following images show sample results from the Qualys SSL test, which can be accessed at https://www.ssllabs.com/ssltest/:

Some more results from the website: