Last Modified: Sep 16, 2020
See more info
Known Affected Versions:
15.1.0, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 16.0.0, 184.108.40.206
Opened: Feb 27, 2020
Clicking the 'Fix Automatically' button in the PCI Compliance page does not replace the insecure client SSL profile attached on an HTTP/2 virtual server, with a secure one. The compliance state shows as a red cross mark, indicating the virtual server to be noncompliant.
The provision for enhanced configuring does not function as expected for HTTP/2-based virtual servers.
-- Clicking the 'Fix Automatically' button on the PCI compliance page. -- A noncompliant PCI profile is attached to the HTTP/2 virtual server. -- A PCI-compliant, client SSL profile with renegotiation disabled is available in the SSL profiles.
Manually configure a PCI-compliant profile in SSL profiles, with renegotiation disabled, and attach it to the virtual server.