PCI compliance is failing with error TCP 8443 pcsync-https SSL Certificate Cannot Be Trusted

PCI compliance is failing with error TCP 8443 pcsync-https SSL Certificate Cannot Be Trusted.

What is port 8443 used for and is this open by default on Sonicwall firewalls? I don't recall opening up this port and all previous PCI compliance scans have passed successfully.  Is it safe to block port 8443 on the firewall if it is not being used for anything?
Who is Participating?
rauenpcConnect With a Mentor Commented:
xterm is most likely correct that the port is opened up for web management. The failed certificate can be for a couple reasons. If you access the webpage via IP address you will always have a certificate error. If you access the page via FQDN and you don't have a trusted certificate installed you will get this error.

For PCI compliance purposes, I would do one of two things. Either limit the source IP's allowed to access the web management page, or disable it from the outside altogether and require that admin users either be connected from the inside of the network or via VPN. This way PCI scans will not see the port as being open.
pcsync-https on 8443/tcp is much like https on 443/tcp except that it's for medium-strength encryption (between 56-112 bits)

Many software products use this port (Cisco Broadband Access Center is one of them)  I'm guessing you have the port open to allow access to a web interface, but I gather there is a hostname mismatch or something between what the certificate name is vs. the name that clients are accessing it by.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.