Users uploading vulnerabilities through the mar file upload


Article ID: 249023


Products

Service Virtualization

Issue/Introduction

Our DevTest servers are continuously being scanned for vulnerabilities because our users can upload certs with the mar upload.

Many of these certs can be expired and, when uploaded, reside in the DevTest directory: D:\apps\DevTest\CA\DevTest\lisatmp_10.7.2\

Once on the server, Qualys scans flag the server for having expired certificate vulnerabilities.

Please help to resolve this as we cannot control our users and the fact that they upload expired certs.

Environment

Release : 10.7.2 or newer

Component : DevTest Vulnerability

Cause

Expired certs in mar files need to be removed.

Resolution

Here are some suggestions. 

Option 1:

Every time you restart, delete the lisatmp_10.7.2 folder. That would clear the expired JKS files in the lisatmp10.x/lads folder.

Option 2:

Go to the project in the DEVTEST folder, delete all the JKS files that are expired, and replace them with new files.

Modify the Listen step to reflect the change.

Then redeploy those VSMs using an API.

This should clear it permanently.
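
To see which keystores a scanner will flag before applying either option, the following added example (not Broadcom's or DevTest's own code) walks a directory for *.jks files and reports certificates whose notAfter date has passed. It assumes the files use the classic JKS format, where certificates are stored unencrypted so no keystore password is needed; the function names are illustrative.

```python
import io, struct
from datetime import datetime, timezone
from pathlib import Path

def _tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    n = buf[pos + 1] & 0x7F if buf[pos + 1] & 0x80 else 0   # long-form length octets
    length = int.from_bytes(buf[pos + 2:pos + 2 + n], "big") if n else buf[pos + 1]
    return buf[pos], pos + 2 + n, pos + 2 + n + length

def not_after(der):
    """notAfter of a DER X.509 certificate, as an aware UTC datetime."""
    p = _tlv(der, _tlv(der, 0)[1])[1]       # enter Certificate, then tbsCertificate
    for _ in range(4 if der[p] == 0xA0 else 3):  # [0] version if present, serial, sigAlg, issuer
        p = _tlv(der, p)[2]
    p = _tlv(der, p)[1]                     # enter validity
    tag, s, e = _tlv(der, _tlv(der, p)[2])  # skip notBefore, read notAfter
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"   # UTCTime / GeneralizedTime
    return datetime.strptime(der[s:e].decode("ascii"), fmt).replace(tzinfo=timezone.utc)

def jks_certs(data):
    """Yield (alias, der_cert) from JKS bytes; certificates are stored unencrypted."""
    f = io.BytesIO(data)
    def u(fmt):
        return struct.unpack(fmt, f.read(struct.calcsize(fmt)))[0]
    if u(">I") != 0xFEEDFEED:
        raise ValueError("not a JKS keystore")
    version, count = u(">I"), u(">I")
    for _ in range(count):
        tag, alias = u(">I"), f.read(u(">H")).decode("utf-8", "replace")
        f.read(8)                           # creation timestamp
        if tag == 1:                        # private-key entry: skip the encrypted key blob
            f.read(u(">I"))
        for _ in range(u(">I") if tag == 1 else 1):  # chain length; 1 for a trusted-cert entry
            if version == 2:
                f.read(u(">H"))             # certificate type string ("X.509")
            yield alias, f.read(u(">I"))

def expired_in_tree(root, now=None):
    """Return [(path, alias, expiry)] for expired certs in *.jks files under root."""
    now, hits = now or datetime.now(timezone.utc), []
    for path in sorted(Path(root).rglob("*.jks")):
        try:
            hits += [(str(path), a, t) for a, d in jks_certs(path.read_bytes())
                     if (t := not_after(d)) < now]
        except (ValueError, struct.error, IndexError):
            hits.append((str(path), None, None))    # not JKS (e.g. PKCS12): check by hand
    return hits
```

Call `expired_in_tree(r"D:\apps\DevTest\CA\DevTest\lisatmp_10.7.2")` on the DevTest server, or point it at the project folder for Option 2. Entries returned with alias `None` could not be parsed as JKS and need a manual check.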