Title

The ISEC7 SPHERE, Tomcat installation, and ISEC7 Suite monitor must be configured to use the Windows Trust Store for the storage of digital certificates and keys. (Cat II impact)

Discussion

A trust store provides requisite encryption and access control to protect digital certificates from unauthorized access.

Check Content

Log in to the ISEC7 SPHERE Console. Navigate to Administration >> Configuration >> Apache Tomcat Settings. Verify that the type of Keystore being used is: Windows-MY If the type of Keystore being used is not Windows-MY, this is a finding.

Fix Text

Log in to the ISEC7 SPHERE Console. Navigate to Administration >> Configuration >> Apache Tomcat Settings. Select the type of Keystore to be used as: Windows-MY Restart the ISEC7 SPHERE Web service.

Additional Identifiers

Rule ID: SV-224775r1013838_rule

Vulnerability ID: V-224775

Group Title: SRG-APP-000516

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.