Currently we still use some wildcards and have never had issues with PCI (level 
1) compliance from using them ….





From: Af <> on behalf of Jeremy <>
Reply-To: <>
Date: Wednesday, April 11, 2018 at 11:14 AM
To: <>
Subject: [AFMUG] PCI Compliance scan rejecting wildcard cert (CN)


We keep failing our PCI compliance over what I believe is an error on their 
side.  Our wildcard cert covers *, which is used on multiple 
servers.  They are wanting an exact match to our domain on the CN, which is 
"".  To me, * IS a match.  If 
I change the CN to that specific billing server then it will not match the 
website server.  It was my understanding that this is the entire point of 
having a wildcard cert.  Anyone else ever gone through this?  Does their 
analysis that * is NOT a match seem right to everyone here?
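
As an added example that is not part of the original thread: a sketch of the wildcard hostname rules in RFC 6125 (section 6.4.3, with the CN fallback of 6.4.4), for checking which scanned hostnames a wildcard entry covers. The example.com names are constructed and the function names are hypothetical; this sketch takes the strict reading in which "*" must be the entire left-most label.

```python
def _labels(name):
    # DNS names compare case-insensitively; a trailing root dot is ignored.
    return name.rstrip(".").lower().split(".")


def name_matches(pattern, host):
    """True if one certificate name (possibly a wildcard) covers host."""
    p, h = _labels(pattern), _labels(host)
    # A wildcard stands for exactly one label, so label counts must agree.
    # This is why "*.example.com" does not cover the bare "example.com".
    if len(p) != len(h) or "" in h or any("*" in label for label in h):
        return False
    # "*" is only honoured in the left-most label.
    if any("*" in label for label in p[1:]):
        return False
    if p[0] == "*":
        # Choice made by this example: refuse a wildcard sitting directly
        # under a single top-level label, such as "*.com".
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in p[0]:
        return False  # partial-label wildcards are not accepted here
    return p == h


def cert_covers(host, san_dns_names, common_name=None):
    """Apply the SAN-first rule: CN is consulted only when no dNSName exists."""
    if san_dns_names:
        return any(name_matches(n, host) for n in san_dns_names)
    return common_name is not None and name_matches(common_name, host)


if __name__ == "__main__":
    # Constructed sample: a wildcard-only SAN list checked against three hosts.
    san = ["*.example.com"]
    for host in ("billing.example.com", "example.com", "a.b.example.com"):
        print(host, cert_covers(host, san, common_name="*.example.com"))
```

Running the same check against the names a scanner actually requested shows whether a reported mismatch comes from the wildcard itself or from a hostname the wildcard was never able to cover.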

