Cloudflare SSL and PCI scan

ssl

#1

Hi,
One of our sites that uses Cloudflare with SSL got a scan. SSL security verification failed. The general shared SSL is PCI compliant, right?

This is the message we got:
FAIL - THREAT:
The SSL certificate for this service cannot be trusted

The following certificate was at the top of the certificate chain sent by the remote host, but it is signed by an unknown certificate authority
|-Subject : C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Domain Validation Legacy Server CA 2
|-Issuer : C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC

The first one (subject) is the cloudflared. I have no idea where the second line (issuer) comes from. Does Cloudflare purchase theSSL from them? If so, I think they’re not listed in trusted certificate providers anymore. Can anyone here help to understand what’s going on with this?

Thanks,
Had / Vortx


#2

You’ve got 49 domains, so I’m not sure which one is being discussed here. You may want to open a ticket directly with support.


#3

Yeah, I feel pretty dumb asking this, but can you get me a link to where I would open that ticket? I can’t find where to do that. :< Thank yoU!


#4

https://support.cloudflare.com/hc/en-us/requests


#5

No problem it can be hard to fine. I don’t think we do it intentionally… but it is linked to the KB so you have to go through there first.


#6

This topic was automatically closed after 14 days. New replies are no longer allowed.