Our DevTest servers are continuously being scanned for vulnerabilities because our users can upload certs with the mar upload.
Many of these certs can be expired and, when uploaded, reside in the DevTest directory: D:\apps\DevTest\CA\DevTest\lisatmp_10.7.2\
Once on the server, Qualys scans flag the server for having expired certificate vulnerabilities.
Please help to resolve this as we cannot control our users and the fact that they upload expired certs.
Release: 10.7.2 or newer
Component: DevTest Vulnerability
Expired certs in mar files need to be removed.
Here are some suggestions.
Option 1:
Every time you restart, delete the lisatmp_10.7.2 folder. That clears the expired JKS files in the lisatmp10.x/lads folder.
Option 2:
Go to the project in the DEVTEST folder, delete all the JKS files that are expired, and replace them with the new file.
Modify the Listen step to reflect the change.
Then redeploy those VSMs using an API.
This should clear it permanently.
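To find which JKS files Option 2 needs to replace, the following PowerShell script lists every keystore under a directory that contains an expired certificate. It is an added example, not Broadcom's code; it only reports and deletes nothing. It assumes `keytool` from the DevTest JRE is on the PATH and that the keystores share one password, shown here as a placeholder.

```powershell
# Added example: report JKS keystores that hold expired certificates.
param(
    # Directory to scan. The default is the lisatmp path quoted in this article;
    # point it at the project folder to check the source keystores instead.
    [string]$Root = 'D:\apps\DevTest\CA\DevTest\lisatmp_10.7.2',
    # Assumption: one shared keystore password. Replace the placeholder.
    [string]$StorePass = '<KEYSTORE_PASSWORD>'
)

$pemPattern = '(?s)-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----'
$now = Get-Date

Get-ChildItem -Path $Root -Recurse -Filter *.jks -File | ForEach-Object {
    $file = $_.FullName

    # -rfc makes keytool print each certificate in PEM form, which .NET can parse.
    $out = (& keytool -list -rfc -keystore $file -storepass $StorePass 2>$null | Out-String)
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "Could not read $file (wrong password or not a valid keystore)"
        return   # skip to the next file
    }

    foreach ($m in [regex]::Matches($out, $pemPattern)) {
        # Strip line breaks from the base64 body and decode it to DER bytes.
        $der  = [Convert]::FromBase64String(($m.Groups[1].Value -replace '\s', ''))
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($der)

        if ($cert.NotAfter -lt $now) {
            [pscustomobject]@{
                Keystore = $file
                Subject  = $cert.Subject
                NotAfter = $cert.NotAfter
            }
        }
    }
}
```

Running it again after the VSMs are redeployed should return no rows if the expired keystores were all replaced.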