The WebSphere Application Server must not generate LTPA keys automatically.
An XCCDF Rule
Description
Automated LTPA key generation can create unplanned outages. Plan to change your LTPA keys during a scheduled outage. Distribute the new keys to all nodes in the cell and to all external systems/cells during this outage window.
- ID: SV-96095r1_rule
- Severity: Low
- References
- Updated
Remediation - Manual Procedure
Navigate to Security >> SSL Certificate and Key Management >> Key set groups >> Cell LTPAKeySetGroup.
Uncheck "Automatically generate keys".
Click "OK".
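
The setting changed by the procedure above can also be audited offline from a copy of the cell's security configuration. The script below is an added example, not part of the STIG or of IBM's tooling; it assumes the key set groups are stored in `security.xml` as `keySetGroups` elements with an `autoGenerate` attribute, and the embedded sample document is constructed.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample; element and attribute names are assumptions about security.xml.
SAMPLE = """<security:Security xmlns:xmi="http://www.omg.org/XMI"
    xmlns:security="http://www.ibm.com/websphere/appserver/schemas/5.0/security.xmi">
  <keySetGroups xmi:id="KeySetGroup_1" name="CellLTPAKeySetGroup" autoGenerate="true"/>
  <keySetGroups xmi:id="KeySetGroup_2" name="NodeLTPAKeySetGroup" autoGenerate="false"/>
  <keySetGroups xmi:id="KeySetGroup_3" name="ExampleKeySetGroup"/>
</security:Security>"""


def local_name(tag):
    """Drop an XML namespace prefix of the form {uri}name."""
    return tag.rsplit("}", 1)[-1]


def audit_key_set_groups(xml_text):
    """Return {group name: 'FINDING' | 'OK' | 'REVIEW'} for every key set group."""
    results = {}
    for elem in ET.fromstring(xml_text).iter():
        if local_name(elem.tag) != "keySetGroups":
            continue
        name = elem.get("name", "<unnamed>")
        flag = elem.get("autoGenerate")
        if flag is None:
            results[name] = "REVIEW"   # attribute absent: confirm in the console
        elif flag.strip().lower() == "true":
            results[name] = "FINDING"  # automatic key generation is enabled
        else:
            results[name] = "OK"
    return results


def findings(results, only_ltpa=True):
    """Names of groups that violate the rule, optionally limited to LTPA groups."""
    return sorted(n for n, s in results.items()
                  if s == "FINDING" and (not only_ltpa or "LTPA" in n.upper()))


if __name__ == "__main__":
    # Pass the path to a copy of security.xml; with no argument the sample is used.
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE
    report = audit_key_set_groups(text)
    for name, status in sorted(report.items()):
        print(f"{status:8} {name}")
    sys.exit(1 if findings(report) else 0)
```

A non-zero exit status means at least one LTPA key set group still has automatic generation enabled; a `REVIEW` result means the attribute was not present and the console setting should be checked by hand.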