Check: 2.021
Windows 7 STIG: 2.021 (in versions v1 r32 through v1 r25)
Title
Software certificate installation files must be removed from a system. (Cat II impact)
Discussion
Use of software certificates and their accompanying installation files for end users to access resources is less secure than the use of hardware-based certificates.
Check Content
Search all drives for *.p12 and *.pfx files. If any files with these extensions exist, then this is a finding. This does not apply to server-based applications that have a requirement for .p12 certificate files (e.g., Oracle Wallet Manager). Some applications create files with extensions of .p12 that are NOT certificate installation files. Removal of non-certificate installation files from systems is not required. These should be documented with the ISSO.
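One way to run this search and triage the results, as an added example that is not part of the STIG text. It assumes "all drives" means every ready, fixed local drive, and it uses the .NET content-type probe only as a triage aid to separate real PKCS#12 files from unrelated files that happen to use the extension; the server-application exemption still needs a manual decision.

```powershell
# Added example: inventory *.p12 / *.pfx files for check 2.021 (V-15823).
# Read-only: it lists candidates and removes nothing.
# Written to run on PowerShell 2.0, the version that ships with Windows 7.
# Assumption: "all drives" is read as every ready, fixed local drive.
$drives = [System.IO.DriveInfo]::GetDrives() |
    Where-Object { $_.IsReady -and $_.DriveType -eq [System.IO.DriveType]::Fixed }

$candidates = foreach ($drive in $drives) {
    # -Force includes hidden and system files; unreadable folders are skipped.
    Get-ChildItem -Path $drive.RootDirectory.FullName -Recurse -Force -Include *.p12, *.pfx -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            $file = $_
            # Ask the crypto API what the file contains, without importing it
            # and without needing its password.
            try {
                $content = [System.Security.Cryptography.X509Certificates.X509Certificate2]::GetCertContentType($file.FullName)
            } catch {
                $content = 'Unreadable'   # not certificate data, or access denied
            }
            if ($content -eq 'Pfx') {
                $triage = 'PKCS#12 content: finding unless a server-based application requires it'
            } else {
                $triage = 'Not confirmed as PKCS#12: review; document with the ISSO if it is not a certificate installation file'
            }
            New-Object PSObject -Property @{
                Path          = $file.FullName
                LastWriteTime = $file.LastWriteTime
                ContentType   = $content
                Triage        = $triage
            }
        }
}

if ($candidates) {
    $candidates | Select-Object Path, LastWriteTime, ContentType, Triage | Format-List
} else {
    'No *.p12 or *.pfx files found on fixed drives.'
}
```

Run it from an elevated prompt so that other users' profile directories are included in the search.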
Fix Text
Remove any certificate installation files found on a system. This does not apply to server-based applications that have a requirement for .p12 certificate files (e.g., Oracle Wallet Manager).
Additional Identifiers
Rule ID: SV-25004r2_rule
Vulnerability ID: V-15823
Group Title: Software Certificate Installation Files
CCIs
Number | Definition |
---|---|
CCI-000366 | Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 | Configuration Settings |