Here’s another fail for the updated PCI scan:
- SSL Certificate is Not
Trusted (External Scan)
Port: tcp/32015
It was not possible to validate the SSL certificate, and thus it could not
be trusted. Users may receive a security warning when using this
service. This occurs because either the certificate or a certificate in its
chain has issues that prevent validation. Some examples of these
issues are, but not limited to, a certificate having expired, the
hostname does not have match the name on the certificate, or the
certificate is not signed by a well-known Certificate Authority (CA).
CVSSv2: AV:N/AC:M/Au:N/C:P/I:P/A:P
Service: generic_ssl
Evidence:
Subject: /OU=Domain Control Validated/OU=PositiveSSL/CN=captiveportal.
peplink.com
Issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA
Limited/CN=COMODO RSA Domain Validation Secure Server CA
Certificate Chain Depth: 0
Reason: The hostname on the certificate does not match any of the
hostnames provided to the scanner.
The issue I have here is that I have captive portal disabled on this device, so how the external scan is even picking up the captiveportal.peplink.com is confusing to me. Can anyone help me understand how this would be happening?