Title

Remove Software Certificate Installation Files (Cat II impact)

Discussion

This check verifies that software certificate installation files have been removed from a system.

Check Content

Search all drives for *.p12 and *.pfx files. If any files with these extensions exist, then this is a finding. Documentable Explanation: This does not apply to server-based applications that have a requirement for .p12 certificate files (e.g., Oracle Wallet Manager). Some applications create files with extensions of .p12 that are NOT certificate installation files. Removal from systems of non-certificate installation files are not required. These should be documented with the IAO.

Fix Text

Remove any certificate installation files found on a system. Note: This does not apply to server-based applications that have a requirement for .p12 certificate files (e.g., Oracle Wallet Manager)

Additional Identifiers

Rule ID: SV-29464r1_rule

Vulnerability ID: V-15823

Group Title: Software Certificate Installation Files

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.