I recently had a security audit done and a few concerns came up.
When logging onto webmail, cpanel or whm, it needs to be through https:. When I do this I get the error that the certificate is invalid or does not match the site issued to. This is because I am accessing https://www.mydomain.com/webmail ... but it is pulling a cert for cpanel28.gzo.com.
Is there a way to get this to use the cert issued for my domain or have a login screen that does match the gzo cert?
My security company had this to say:
Access to webmail system uses a self-signed SSL certificate. Self-signed SSL certificates are used for testing purposes and provde privacy, but absolutely no authentication.
How can this be resolved?
When logging onto webmail, cpanel or whm, it needs to be through https:. When I do this I get the error that the certificate is invalid or does not match the site issued to. This is because I am accessing https://www.mydomain.com/webmail ... but it is pulling a cert for cpanel28.gzo.com.
Is there a way to get this to use the cert issued for my domain or have a login screen that does match the gzo cert?
My security company had this to say:
Access to webmail system uses a self-signed SSL certificate. Self-signed SSL certificates are used for testing purposes and provde privacy, but absolutely no authentication.
How can this be resolved?
Comment