The KeyStores property of the Node Manager configured to support OHS must be configured for secure communication.
An XCCDF Rule
Description
<VulnDiscussion>Oracle Node Manager is a utility that can be used to perform common operational tasks across Managed Servers. These servers can be distributed across multiple machines and geographical locations. The "KeyStores" property is used to configure the keystore configuration that will be used by Node Manager to locate its identity (private key and digital certificate) and trust (trusted CA certificates). The property must be set to "CustomIdentityAndCustomTrust", which causes Node Manager to use an identity and trust keystore created by the SA.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-221421r879887_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
1. Open $DOMAIN_HOME/nodemanager/nodemanager.properties with an editor.
2. Search for the "KeyStores" property.
3. Set the "KeyStores" property to "CustomIdentityAndCustomTrust", add the property if it does not exist.