Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Ichi
New Contributor

PCI Compliance Scan Failed

Trustwave is scanning my company's physical IP address for vulnerabilities.

 

The scan's results are always showing "failing" for two issues.

 

The vulnerability name is "SSL Certificate Public Key Too Small" for ports 8010 and 8013.

 

Despite installing a 4096 bit SSL certificate, the scan is still failing.

 

Does anyone have advice how to fix this?

2 REPLIES 2
kevinschmall
New Contributor

I'm having the same problem, did you figure this out?

emnoc
Esteemed Contributor III

What's using  port 8010 and 8013 and what  certificate is bound to that two services? By just installing a certificate alone does not mean all services uses that certificate.

 

So in your case 8010/8013 are probably policy override and  telemetry (  assuming here ) so disable these services if they are not required

 

I would review this  post  for  the 8010/8013 issues but these port by default do not have ssl/tls services

 

[link]https://forum.fortinet.com/tm.aspx?m=124655[/link]

 

 

 

 

Ken

 

PCNSE 

NSE 

StrongSwan