Port 8443 is enabled in Listening mode but we are not using SSL

Article ID: 373644


Updated On:

Products

DX NetOps CA Virtual Network Assurance

Issue/Introduction

We have noticed that all of our VNA servers are showing port 8443 in listening mode and we are not using HTTPS. Our security team has scanned and found this to be a vulnerability.

How can we prevent VNA from listening on port 8443 if we have no intention of using HTTPS?

Environment

VNA 22.2.5

Resolution

To stop VNA from listening on port 8443, run the following commands on a VNA server that is not using HTTPS. They disable the HTTPS listener in WildFly and then restart the service.

 

cd $VNA_HOME/wildfly/bin
./jboss-cli.sh --connect
/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=enabled,value=false)
exit

systemctl restart wildfly
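
One way to verify the change after the restart, as an added example that is not part of the original article: the script parses `ss -ltn` output and reports any socket still listening on port 8443. The sample output is constructed, and the check_vna_host helper is hypothetical and assumes ss (iproute2) is installed and WildFly is running.

```shell
#!/bin/sh
# Added example (not from the KB article): confirm nothing listens on TCP 8443.

# Read `ss -ltn` output on stdin; print each LISTEN socket bound to port $1.
listeners_on_port() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, parts, ":")   # $4 = Local Address:Port; port is the last field
            if (parts[n] == port) print $4
        }'
}

# Exit status 0 if the `ss -ltn` output on stdin shows no listener on port $1.
port_is_closed() {
    [ -z "$(listeners_on_port "$1")" ]
}

# Live check for a VNA host (hypothetical helper; assumes ss and a running
# WildFly). Defined here but not called by the demonstration below.
check_vna_host() {
    "$VNA_HOME/wildfly/bin/jboss-cli.sh" --connect \
        --command='/subsystem=undertow/server=default-server/https-listener=https:read-attribute(name=enabled)'
    ss -ltn | port_is_closed 8443
}

# Constructed `ss -ltn` samples, not captured from a real VNA server.
SAMPLE_BEFORE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:8080      0.0.0.0:*
LISTEN 0      128          0.0.0.0:8443      0.0.0.0:*
LISTEN 0      128        127.0.0.1:18443     0.0.0.0:*
LISTEN 0      128             [::]:8443         [::]:*'
SAMPLE_AFTER='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:8080      0.0.0.0:*
LISTEN 0      128        127.0.0.1:18443     0.0.0.0:*'

# Demonstration on the constructed samples.
for name in BEFORE AFTER; do
    eval "sample=\$SAMPLE_$name"
    if printf '%s\n' "$sample" | port_is_closed 8443; then
        echo "$name: port 8443 is closed"
    else
        echo "$name: port 8443 still listening on:"
        printf '%s\n' "$sample" | listeners_on_port 8443 | sed 's/^/  /'
    fi
done
```

The match is on the exact port field, so a listener on 18443 is not reported as 8443, and both IPv4 and IPv6 wildcard binds are caught.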

 

Additional Information

If you need to enable port 8443 again for any reason, run:

 

cd $VNA_HOME/wildfly/bin
./jboss-cli.sh --connect
/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=enabled,value=true)
exit

systemctl restart wildfly