2.2.8 Ensure that the client certificate authorities file ownership is set to root:root

Information

Ensure that the certificate authorities file ownership is set to root:root.

Rationale:

The certificate authorities file controls the authorities used to validate API requests. You should set its file ownership to maintain the integrity of the file. The file should be owned by 'root:root'.

Solution

Run the following command to modify the ownership of the '--client-ca-file'.

chown root:root

Impact:

None

See Also

https://workbench.cisecurity.org/files/1788

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CSCv6|5.1

Plugin: Unix

Control ID: fbfec2f44bbed8a2b2ec12e57dc4840386354dc9637de372a8526bf91815bdb3