Using 3rd party wildcard cert to pass PCI scans
Hello. Currently we have a client using a FireCluster of M470s. They have a PCI scan of their external IP address that is coming back as failing due to self-signing of the cert. I found the documentation that states to use a 3rd party signed cert and how to install said cert. No problem there, but I still have two questions.
- If we use a wildcard cert of *.domain.com, will the scan still come back as failing because it's hitting the IP address, not the domain?
- Will this break anything? They do not use any VPN but I do believe there is a tunnel from their firewall to another vendor's firewall (they have offsite servers at a datacenter managed by another company).
Thank you in advance.