The WebSphere Application Server must not generate LTPA keys automatically.
An XCCDF Rule
Description
Automated LTPA key generation can create unplanned outages. Plan to change your LTPA keys during a scheduled outage. Distribute the new keys to all nodes in the cell and to all external systems/cells during this outage window.
- ID
- SV-96095r1_rule
- Version
- WBSP-AS-001520
- Severity
- Low
- References
- Updated
Remediation Templates
A Manual Procedure
Navigate to Security >> SSL Certificate and Key Management >> Key set groups >> Cell LTPAKeySetGroup.
Uncheck automatically generate keys.
Click "OK".