由于TLS 1.0导致PCI DSS失败 [英] Failing PCI DSS due to TLS 1.0
问题描述
我有许多Web应用运行,最小TLS设置为TLS 1.2,Https Only = true,自定义域绑定到通配符SSL(基于IP)。
I have a number of Web Apps running with Minimum TLS set to TLS 1.2, Https Only = true and custom domain bound to a wildcard SSL (IP based).
当我对域myApp.customdomain.co.uk进行PCI DSS扫描时,我得到了一个传递,并在底层myApp.azurewebistes.net上,所以到目前为止一切都很好。
When I run a PCI DSS scan against the domain myApp.customdomain.co.uk I get a pass on that and on the underlying myApp.azurewebistes.net, so all good so far.
但是,在PCI范围ssl.myApp.azurewebsites.net中列出了一个额外的域(我以前没见过),并且该域失败,因为它启用了TLS 1.0。我无法在门户网站中访问此域名,因此无法更改任何内容。
But, there is an additional domain (which I have not seen before ) listed in the PCI scope, ssl.myApp.azurewebsites.net and this domain is failing because it has TLS 1.0 enabled. I cannot access this domain in the portal so can't change anything.
有任何想法吗?
http://www.affinity-itsolutions.co.uk
http://www.affinity-itsolutions.co.uk
推荐答案
我不知道ssl.myapp.azurewebsites.net存在内部域名,因此我不确定这是Azure创建的内容。
I am not aware of an internal domain existing for ssl.myapp.azurewebsites.net and as a result I am not sure this is something created by Azure.
我有的问题:
1。如何定义PCI范围?
1. How is the PCI scope defined?
2。你能导航到ssl.myapp.azurewebsites.net网站吗?
2. Can you naviage to the ssl.myapp.azurewebsites.net site?
3。如果导航到Web应用程序的自定义域刀片,则为站点分配了哪些主机名? (请回复您的回复)
3. If you navigate to the custom domains blade for your web app, what hostnames are assigned to the site? (sanitize your reply please)
这篇关于由于TLS 1.0导致PCI DSS失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
