In our PCI scan there were many vulnerabilities, i.e. self-signed, invalid maximum validity date, etc. So, we created our own root CA on one of our servers, which is running on Microsoft Windows Server 2012. We are using Kerio mail server as the mail and OTP sender to our clients. We requested a certificate from Kerio, then signed it with our root CA and imported the signed certificate into Kerio.
Fortunately, the previous vulnerabilities have been resolved, and we are getting the new vulnerability "SSL Certificate - Signature Verification Failed Vulnerability" after the PCI scan. I did some research and tried all the suggested approaches, but it still comes up in the vulnerability list.
I will appreciate any quick reply.
Thanks in advance,