Skip to content

The Automation Controller NGINX web server must use cryptography on all remote connections.

An XCCDF Rule

Description

<VulnDiscussion>Nondisplayed data on a web page may expose information that could put the organization at risk and negatively affect data integrity. Automation Controller's web server must be configured such that all connections, regardless of their origin, between the server and the user are encrypted using cryptography.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-256942r960762_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

As a System Administrator, locate the inventory file used to install Ansible Automation Platform (usually in the installer directory). Edit this file and ensure the "nginx_disable_https" variable is absent or is set to "false".

Run the setup.sh command in the installer directory to reconfigure the controller to use the new setting:

sudo ./setup.sh