The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PCI SSL Self-Signed Certificate Problem

Discussion in 'General Discussion' started by Citizen, Oct 22, 2012.

  1. Citizen

    Citizen Active Member

    Joined:
    Sep 3, 2012
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I've got a valid SSL on my site and if I go to https://mydomain.com it loads just fine without any problems. In my PCI scan, however, I get the following warnings:

    And then it gives me these port numbers:

    995 tcp
    993 tcp
    465 tcp
    143 tcp
    110 tcp
    21 tcp

    I'm guessing that even though my site uses a valid ssl cert, it wants me to change my internal ssl certs used for ftp, mail, etc. Do I need to buy more ssl certs or can I just change these from using the default cert to using the one I purchased. If yes, how do I do that?
     
  2. Citizen

    Citizen Active Member

    Joined:
    Sep 3, 2012
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Any help would be appreciated.
     
  3. DenRomano

    DenRomano Member

    Joined:
    Oct 31, 2012
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    by default all the services use a unsigned ssl cert cpanel creates. Go into WHM and find

    Home »
    Service Configuration »
    Manage Service SSL Certificates

    click on "Install new Certificate" then BROWSE for the SSL you bought and submit it for each service
     
  4. Citizen

    Citizen Active Member

    Joined:
    Sep 3, 2012
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    For anyone finding this in the future, I was able to get an exception through my PCI auditor through acceptable use. WHM/CPanel ports can apparently be self-signed but you have to get an exception to pass.
     
Loading...

Share This Page