Servers running ShadowSnap version 4.0.0 may receive a PCI vulnerability warning, "SSL Certificate is Self-Signed", on TCP port 25566.
We consulted Datto support about this issue and got confirmation that it is a false positive. The SSL certificates that they are currently using are self-signed, and this can be safely ignored.
They have one KB article that mentions this: https://kb.datto.com/hc/en-us/articles/115003216303-FAQ-Authentication-Methods-Compatible-with-Datto-Appliances
Here is the excerpt:
SSL: HTTPS and SSL are supported on Datto appliances running the SIRIS 3 (Ubuntu 16.04) software stack. Because these devices use a self-signed certificate, you may receive a browser warning that the certificate is untrusted when accessing the appliance’s GUI via HTTPS. If the appliance is on a managed switched network with no malicious activity, this warning can be disregarded.