PCI scan failure for SSL certificate

Tags:
PCI compliance
PCI DSS
SSL Certificates
We did a PCI scan for one of our clients and it says they failed due to the SSL certificate, for SMTP Port 25, not matching the domain scanned. Here's what it said:
Description: SSL Certificate with Wrong Hostname

Synopsis: The SSL certificate for this service is for a different host.

Impact: The commonName (CN) of the SSL certificate presented on this service is for a different machine.
But our other PCI scan says it didn't fail. Do you guys think it's a real fail? Thanks!
  • Kevin Beaver
    In many cases, having a mismatched or self-signed certificate is not a problem. It could be in this case. Is this system in the scope of the cardholder data environment? If so, it should be a relatively easy fix. If you think it's a false positive, it's something you can manually validate.
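As an added example (not from the thread, the scanning vendor, or any of the posters), here is one way to do the manual validation Kevin suggests: pull the certificate the SMTP service presents after STARTTLS on port 25 and compare its SAN/CN names against the hostname the scan targeted. The matching logic is plain stdlib and is what the finding actually tests; the live fetch assumes the third-party `cryptography` package is installed, and all host names below are constructed.

```python
import smtplib
import ssl

def cert_names(cert):
    """Hostnames a certificate claims, from a getpeercert()-style dict.
    SAN dNSName entries win; the CN counts only when no SAN is present,
    which is how PCI scanners decide 'SSL Certificate with Wrong Hostname'."""
    sans = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def name_matches(pattern, hostname):
    """Case-insensitive exact match; a leading '*.' covers exactly one label."""
    pattern, hostname = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if pattern.startswith("*."):
        return "." in hostname and hostname.split(".", 1)[1] == pattern[2:]
    return pattern == hostname

def hostname_matches(cert, hostname):
    """True when the scanned hostname is covered by one of the cert's names."""
    return any(name_matches(n, hostname) for n in cert_names(cert))

def fetch_smtp_cert(host, port=25, timeout=10):
    """Live check: STARTTLS on the SMTP service and return its leaf certificate as a
    getpeercert()-style dict. Verification is disabled so the certificate is captured
    even when it would not validate; getpeercert() returns {} for an unverified peer,
    so the DER form is parsed. Assumes the third-party 'cryptography' package."""
    from cryptography import x509
    from cryptography.x509.oid import ExtensionOID, NameOID
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.starttls(context=ctx)  # sends EHLO first if needed
        der = smtp.sock.getpeercert(binary_form=True)
    leaf = x509.load_der_x509_certificate(der)
    try:
        sans = leaf.extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME).value.get_values_for_type(x509.DNSName)
    except x509.ExtensionNotFound:
        sans = []
    cn = [a.value for a in leaf.subject.get_attributes_for_oid(NameOID.COMMON_NAME)]
    return {"subjectAltName": tuple(("DNS", n) for n in sans),
            "subject": tuple((("commonName", v),) for v in cn)}

# Constructed sample (not a real host): the cert names the hosting provider's
# box, not the client's domain the scanner targeted, so the finding is genuine.
SAMPLE_CERT = {"subject": ((("commonName", "mail01.hosting-provider.example"),),),
               "subjectAltName": (("DNS", "mail01.hosting-provider.example"),
                                  ("DNS", "*.hosting-provider.example"))}
```

A result of `False` for the scanned hostname reproduces the scanner's finding; whether it matters then comes down to Kevin's question of whether the mail server is in scope for the cardholder data environment.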
