Our security office has detected an unmanaged self signed certificate tied back to a new OPMS server that we deployed.
We need to replace the certificate with a properly signed certificate or otherwise negate the risk
On the OPMS, the API is available on port 443 so that it can be used by a shared tunnel client running on a different OPMS.
The certificate is signed by a self-signed CA which is trusted by every OPMS on the network. This is OK because the OPMS is not accessed on this port from anywhere else except another OPMS. Thus the security issue is a false positive.
Release : SAAS
Component : CA APP SYNTHETIC MONITOR (WATCHMOUSE)
listen *:443 ssl;
If taking a backup of the smartpop.conf file do not leave it in the same folder as the nginx process will read all files in that folder and process the content.