Control Compliance Suite Vulnerability Manager - CCS VM, untrusted TLS/SSL server X.509 certificate:Servers reporting: Untrusted TLS/SSL server X.509 certificate(False Positive).
|Article:TECH196216|||||Created: 2012-09-06|||||Updated: 2015-02-09|||||Article URL http://www.symantec.com/docs/TECH196216|
Untrusted TLS/SSL server X.509 certificate:Servers reporting: Untrusted TLS/SSL server X.509 certificate(False Positive)
Windows 2008 R2 Standard 64 bit
CA root certificates not tracked by CCS-VM
The Nexpose default java keystore does not "trust" GoDaddy and Entrust CA as a Root CA.
Short term fix is to exclude them as FP's
Rapid 7 in process of generating an enhancement request to work around this issue by allowing customers to add/import arbitrary trusted Certificate Authorities (CA) to the Nexpose Store. Enhancement request ticket number is RFE IS-4485
Article URL http://www.symantec.com/docs/TECH196216