For servers running ShadowSnap version 4.0.0, it is possible that you would receive a PCI vulnerability warning for SSL Certificate is Self-Signed, over port TCP 25566.

This issue was consulted with Datto support, we got confirmation that it is a false positive. The SSL certificates that they are currently using are signed by themselves, and this can be safely ignored.

They have one KB article that mentions this:

Here is the excerpt:

SSL: HTTPS and SSL are supported on Datto appliances running the SIRIS 3 (Ubuntu 16.04) software stack. Because these devices use a self-signed certificate, you may receive a browser warning that the certificate is untrusted when accessing the appliance’s GUI via HTTPS. If the appliance is on a managed switched network with no malicious activity, this warning can be disregarded.