Nutanix AOS must have TLS enabled.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-279418 | SRG-APP-000014-AS-000009 | NXAC-AS-000004 | SV-279418r1191040_rule | 2026-02-24 | 1 |
Description
Remote management access is accomplished by leveraging common communication protocols and establishing a remote connection to the application server via a network for the purposes of managing the application server. If cryptography is not used, then the session data traversing the remote connection could be intercepted and compromised.
Types of management interfaces used by an application server include web-based HTTPS interfaces as well as command line-based management interfaces.
Satisfies: SRG-APP-000014-AS-000009, SRG-APP-000015-AS-000010
ℹ️ Check
Verify the Signing Algorithm of the current TLS certificate.
1. Log in to Prism Element.
2. Click the gear icon in the upper-right corner.
3. Navigate to "SSL Certificate".
If there is no DOD TLS certificate loaded, this is a finding.
✔️ Fix
Import a DOD PKI-issued TLS certificate.
1. Click the gear icon in the upper-right corner.
2. Navigate to "SSL Certificate".
3. Select the option to import certificate and follow the prompts.