WBSP-AS-001520 - The WebSphere Application Server must not generate LTPA keys automatically.

Information

Automated LTPA key generation can create unplanned outages. Plan to change your LTPA keys during a scheduled outage. Distribute the new keys to all nodes in the cell and to all external systems/cells during this outage window.

Solution

Navigate to Security >> SSL Certificate and Key Management >> Key set groups >> Cell LTPAKeySetGroup.

Uncheck automatically generate keys.

Click 'OK'.

Click 'Save'.

Restart the 'Deployment Manager'.

See Also

http://iasecontent.disa.mil/stigs/zip/U_IBM_WebSphere_Traditional_V9-x_V1R1_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-28(1), CAT|III, CCI|CCI-002475, Rule-ID|SV-96095r1_rule, STIG-ID|WBSP-AS-001520, Vuln-ID|V-81381

Plugin: Windows

Control ID: 86f11475b878df07cda5fe73a9f8556e560d826f79fdd2099da9b2ace4663590