APIs & Integrations

Search APIs & Integrations for solutions or ask a question
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
lshroff

‎Mar 14, 2025 12:00 PM

Member

Failing PCI Vulnerability Scan

SOLVE

Hello,

 

We ran a PCI scan on our HubSpot website, and we are failing an element of our PCI scan with the scan stating that they found a vulnerability with SSL servers using TLS 1.0.

 

In our Settings -> Domains and URLs, all our domains are set to require HTTPS + TLS 1.2+.

 

Is there any other setting we are missing to make sure no SSL-enabled servers are using TLS 1.0?

 

Thanks

Developer tools
0 Upvotes
1 Accepted solution
Josh
Solution
Recognized Expert | Diamond Partner

‎Mar 14, 2025 1:26 PM

Recognized Expert | Diamond Partner

Failing PCI Vulnerability Scan

SOLVE

Hi @lshroff,

 

One thing you can check is that your TLS setting is set to 1.2+ for all domains on the account; which would include subdomains, secondary domains, and redirected domains (for example, non-www to www).

 

Just in case you don't already have this: https://knowledge.hubspot.com/domains-and-urls/ssl-and-domain-security-in-hubspot

 

Josh

 




Did this post help solve your problem? If so, please mark it as a solution.

Josh Curcio

HubSpot support and inbound marketing for OEMs, contract manufacturers, and industrial suppliers.
HubSpot Diamond Partner & HubSpot Certified Trainer

View solution in original post

2 Replies 2
lshroff

‎Mar 17, 2025 7:06 PM

Member

Failing PCI Vulnerability Scan

SOLVE

Thank you very much for your reply! We have configured our security settings based on the linked documentation, and will follow-up if we have questions!

0 Upvotes
Josh
Solution
Recognized Expert | Diamond Partner

‎Mar 14, 2025 1:26 PM

Recognized Expert | Diamond Partner

Failing PCI Vulnerability Scan

SOLVE

Hi @lshroff,

 

One thing you can check is that your TLS setting is set to 1.2+ for all domains on the account; which would include subdomains, secondary domains, and redirected domains (for example, non-www to www).

 

Just in case you don't already have this: https://knowledge.hubspot.com/domains-and-urls/ssl-and-domain-security-in-hubspot

 

Josh

 




Did this post help solve your problem? If so, please mark it as a solution.

Josh Curcio

HubSpot support and inbound marketing for OEMs, contract manufacturers, and industrial suppliers.
HubSpot Diamond Partner & HubSpot Certified Trainer

Sunny

Sign up for the Developer Newsletter

Fresh content delivered to your inbox every month.
Failing PCI Vulnerability Scan
Hi @lshroff,   One thing you can check is that your TLS setting is set to 1.2+ for all domains on the account; which would include subdomains, secondary domains, and redirected domains ...
Hi @lshroff,   One thing you can check is that your TLS setting is set to 1.2+ for all domains on the account; which would include subdomains, secondary domains, and redirected domains ...
Developers
Mar 17, 2025