DMS system IIS SSL certificate

Solved1.01K views
0
0 Comments

Hi,

Greetings DOJO Hall.

Singtel used Tenable software to do a Windows Server scan on DMA1,2,3,DEV
Attached is the full report we only look at severity = high, critical.

DMA1 VM   (private IP 172.30.105.X)

DMA2 VM   (private IP 172.30.105.X)

DMA3 VM   (private IP 172.30.105.X)

DMA DEV   (private IP 172.30.105.X)

The DMA s are all running Web Servers.

Tenable software :51192 SSL Certificate General Medium[ severity]  172.30.105.5 DMA-DEV Server.

 

Tenable software :Synopsis: The SSL certificate for this service cannot be trusted

 

Tenable software: The following certificate was at the top of the certificate

chain sent by the remote host, but it is signed by an unknown

certificate authority :

Solution: Purchase or generate a proper SSL certificate for this service.

I tried self signed certificate does seem to work.

Please advise if Singtel need to purchase SSL certificate for DMA Web Servers or there is a work around.

Regard

Raj

Marieke Goethals [SLC] [DevOps Catalyst] Selected answer as best 18th July 2023

2 Answers

1
12.31K 0 Comments

Hi Seetharam,

For a certificate to be trusted, it needs to be obtained from a valid Certificate authority.

There are various options, some of them are paid, others offer free certificates.

A self-signed certificate will be marked as insecure as it's not generated by a valid Certificate authority.

Ive Herreman [SLC] [DevOps Catalyst] Answered question 3rd June 2021
You are viewing 1 out of 2 answers, click here to view all answers.