The ISEC7 SPHERE, Tomcat installation, and ISEC7 Suite monitor must be configured to use the Windows Trust Store for the storage of digital certificates and keys.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>A trust store provides requisite encryption and access control to protect digital certificates from unauthorized access.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-224775r1013838_rule
Severity: Medium
References: CCI-000366
Updated: 17 days ago

Log in to the ISEC7 SPHERE Console.
Navigate to Administration >> Configuration >> Apache Tomcat Settings.
Select the type of Keystore to be used as: 
Windows-MY
Restart the ISEC7 SPHERE Web service.

The ISEC7 SPHERE, Tomcat installation, and ISEC7 Suite monitor must be configured to use the Windows Trust Store for the storage of digital certificates and keys.

Description

Remediation - Manual Procedure