Just got a response back from a different tech: "For the SSL Certificate
with Wrong Hostname, I have been informed that you can submit an Exception
Request under that finding:
Check the “Invalid Finding” radio button."
That is what I thought.
On Wed, Apr 11, 2018 at 9:14 AM, Jeremy <jeremysmi...@gmail.com> wrote:
> We keep failing our PCI compliance over what I believe is an error on
> their side. Our wildcard cert covers *.bluespring.me, which is used on
> multiple servers. They are wanting an exact match to our domain on the CN,
> which is "65-126-126-5.dia.static.bluespring.me". To me, *.bluesping.me
> IS a match. If I change the CN to that specific billing server then it
> will not match the website server. It was my understanding that this is
> the entire point of having a wildcard cert. Anyone else ever gone through
> this? Does their analysis that *.bluespring.me is NOT a match seem right
> to everyone here?