Hi,
I'm trying to get my server PCI compliant, and I'm using this scanner:
Check PCI DSS compliance - Online free pci dss compliance checker
Port 443 passes the test just fine:
"SSlv2 disabled. SSL Server won't allow Anonymous Authentication Vulnerability."
However, on ports 2087, 2083, 2096 and 2078 I receive the following error message:
SSL Server Allows Anonymous Authentication Vulnerability. A vulnerability exists in SSL communications when clients are allowed to connect using no authentication algorithm. An attacker can exploit this vulnerability to impersonate your server to clients.Please disable support for anonymous authentication.
Could you help me out to solve these issues?
Thanks a lot!
I'm trying to get my server PCI compliant, and I'm using this scanner:
Check PCI DSS compliance - Online free pci dss compliance checker
Port 443 passes the test just fine:
"SSlv2 disabled. SSL Server won't allow Anonymous Authentication Vulnerability."
However, on ports 2087, 2083, 2096 and 2078 I receive the following error message:
SSL Server Allows Anonymous Authentication Vulnerability. A vulnerability exists in SSL communications when clients are allowed to connect using no authentication algorithm. An attacker can exploit this vulnerability to impersonate your server to clients.Please disable support for anonymous authentication.
Could you help me out to solve these issues?
Thanks a lot!