Vulnerability Scan picked up a PKCS12 (.p12) certificate files located on the SpectroSERVER. The Use of software certificates
and their accompanying installation files for end users to access resources is less secure than the use of hardware-based certificates.
Scan Results
---------------------------------------------------------
Rule Title: Software certificate installation files must be removed from Windows 2012/2012 R2.
Discussion: Use of software certificates and their accompanying installation files for end users to access resources is less secure than the use of hardware-based certificates.
Release : Any
Component : Spectrum Core / SpectroSERVER
The Secure Domain Manager (SDM) component of the SpectroSERVER installs with an SSL Certificate that is used to encrypt
communications when connecting to a Secure Domain Connector (SDC). The installation will lay down the certificate needed
to perform the encryption.
$SPECROOT/SDM/cert/
If the Secure Domain Connectors are not being used these certificate files can be removed and manually recreated at a later time. If the
Secure Domain Connector(s) are being used then these certificates are required to encrypt communications and should not be removed.