VCENTER-000019 - Revoked certificates must be removed from the vCenter Server

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

ensure the windows file permission on the ssl certificate directory files are set so only the vcenter service account and authorized vcenter server administrators can access them. ensure the directory and all files within are only accessible to the service user (system) and authorized vcenter server administrators. the location by default for vcenter this is c:\programdata\vmware\vmware virtualcenter\ssl and for the inventory service ssl certificate is c:\program files\vmware\infrastructure\inventory service\ssl.

See Also

http://iase.disa.mil/stigs/os/virtualization/Pages/index.aspx

Item Details

References: CAT|II, CCI|CCI-000366, Group-ID|V-39557, Rule-ID|SV-51415r1_rule, STIG-ID|VCENTER-000019, Vuln-ID|V-39557

Plugin: VMware

Control ID: 3f1fab3905cbcb51c5e6548f8f3dddfe2d5611c90f56c4abcea193395d583d87