Skip to content
Catalogs
XCCDF
IBM Hardware Management Console (HMC) Security Technical Implementation Guide
SRG-OS-000366-GPOS-00153
A private web server must subscribe to certificates, issued from any DOD-authorized Certificate Authority (CA), as an access control mechanism for web users.
A private web server must subscribe to certificates, issued from any DOD-authorized Certificate Authority (CA), as an access control mechanism for web users. An XCCDF Rule
A private web server must subscribe to certificates, issued from any DOD-authorized Certificate Authority (CA), as an access control mechanism for web users.
Medium Severity
<VulnDiscussion>If the Hardware Management Consoles (HMC) is network-connected, use SSL encryption techniques, through digital certificates to provide message privacy, message integrity and mutual authentication between clients and servers. To maintain data integrity the IBM Certificate distributed with the HMC's is to be replaced by a DOD-authorized Certificate. Note: This check applies only to network-connected HMCs.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>