The actual SSL certificate isn't the issue. From your description it sounds like the webserver is set up to accept "weak ciphers" which are not acceptable for PCI DSS compliance. Perhaps pointing your hosting company to http://blog.zenone.org/2009/03/pci-compliance-disable-sslv2-and-weak.html will help them out, if that's the problem.
Re: i figured as much the
Tue, 10/12/2010 - 15:51
#1
Re: i figured as much
the
SSL not SHA2...currently SHA1...need to be SHA2 By: sterg17 (3 replies) Tue, 10/12/2010 - 15:20
- i figured as much
the By: sterg17 (10/12/2010 - 15:44)
- Re: i figured as much the By: longwave (10/12/2010 - 15:51)
- Re: SSL not SHA2...currently SHA1...need to be SHA2 By: longwave (10/12/2010 - 15:28)