Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The HPE Nimble must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-252198 | HPEN-NM-000130 | SV-252198r814074_rule | Medium |
| Description |
|---|
| For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure cross-certified with the Federal Bridge Certification Authority at medium assurance or higher, this Certification Authority will suffice. |
| STIG | Date |
|---|---|
| HPE Nimble Storage Array Security Technical Implementation Guide | 2022-03-16 |
Details
| Check Text ( C-55654r814072_chk ) |
|---|
| Type "cert --list". Review the output to confirm that the custom-ca and custom certificates exist, and the "Use" values specified for HTTPS and APIS are both "custom". If not, this is a finding. |
| Fix Text (F-55604r814073_fix) |
|---|
| To create and import a custom, CA-signed certificate follow these steps: 1. Type "cert --gen custom-csr". Copy the displayed CSR and submit it to an appropriate signing authority. 2. Type "cert --import custom-ca" and paste the PEM-encoded CA certificate chain as input to the command. 3. Type "cert --import custom" and paste the signed certificate obtained from the CA. |