
I have an IIS server which hosts around 250+ sites. I am running a PCI scan against one website and it's failing with these 2 errors:

Common name of SSL certificate presented on this server is for a different name
Title: SSL certificate with wrong name
Title: SSL self-signed certificate
SSL Certificate for this service ends in an unrecognized self-signed certificate

Both the errors are for RDP. The host name of my IIS server is web.xyz.domain.com and the website against which I run the test is example.com. I understand that hostname and website domain are different, but I can't change the host name to this website domain. Is there any other way to resolve this issue?

Thanks in advance!!

Vysakh
  • An external PCI scan should not be able to connect to the RDP port in the first place. IMHO – HBruijn Jul 13 '16 at 14:17
  • @HBruijn: Thanks. Sorry, forgot to mention it is an AWS EC2. So, do you mean that I need to block RDP port if it is opened to public? – Vysakh Jul 13 '16 at 14:20
  • Ask yourself why would you have your RDP port, your management interface, open to the public? It should only be available for your administrators, not for your users – HBruijn Jul 13 '16 at 14:23
  • @HBruijn: Yes, I understand. But there were some business reasons behind that. Anyways let me see and shall post here how it goes this time. – Vysakh Jul 13 '16 at 14:24
  • Close the RDP port, that's the fix. Whatever the reason, there are plenty of secure ways to connect remotely without having that port open – Drifter104 Jul 13 '16 at 14:52

0 Answers