You can import the valid signed CA certificate via the certificate manager page:
By default the “default self signed cert” is used hence you won’t able to pass the vulnerability scanning. This is same with other vendor products that self-signed cert will be loaded by default and won’t able to pass the vulnerability scanning.
Please check explanation given below for Self-Signed Certificate vs. Signed Certificate from a CA:
They are a lots of users asking, why don’t Peplink loaded the CA cert by default for the device and this will definitely pass the vulnerability scanner ? The answer for this is that the CA Certificate must be signed base on the customer domains & IP for the locations, hence impossible to have a single cert that able to achieve this. Let’s us make a assumption that able to be achieved then the “CA cert” will no longer have the validity on it and work exactly like the self signed cert.
Peplink device always provide highest security update for all the features in the latest firmware version. Please make sure you are running using latest firmware This will make sure the device is secure in the network.