AnsweredAssumed Answered

QID:38172 for ports other than 3389

Question asked by Tim Plantand on Jun 20, 2018
Latest reply on Jun 20, 2018 by DMFezzaReed

I have a site that is hosting a page that mandates a password/token to be entered by a user.  The TLS certificate in place has the regular TLS certificate content:

EKU = Client Authentication (1.3.6.1.5.5.7.3.2) Server Authentication (1.3.6.1.5.5.7.3.1)

Why is Qualys flagging my site with the QID:38172?

This is not RDP, this not port 3389 and the TLS certificate is valid.

Do I need to have an EKU that matches RDP requirements? 

 

Is this a false-positive from the scan?

 

Any help would be much appreciate it.

 

Tim

Outcomes