VMware Workstation installs an SSL certificate with:
Subject : C=US/L=Palo Alto/OU=VMware/CN=VMware/E=none@vmware.com
This results in several findings in ACAS (Nessus) related to "SSL Certificate Cannot Be Trusted", "SSL Certificate With Wrong Hostname", "SSL Self-Signed Certificate"
What is the certificate for? How is it generated? Can I replace it with a "real" certificate signed by a trusted CA?
This is a fairly important issue for anyone who uses Workstation in a DoD echelon... within a few months, all of these findings must be remediated or have a POA&M (Plan Of Action & Milestones) to fix it. The best answer would be to replace the certificate with one signed by a DoD CA. Probably second-best would be to delete it if there's no core functionality that depends on it. But just ignoring it isn't going to be acceptable.
Hi
Welcome to communities.
please go through below link and share your output.
You should probably open a support issue since it sounds like you need an official authoritative answers and not half-guesses by the community.
// Linjo
Hi
Welcome to communities.
please go through below link and share your output.
Thank you Aiden!!!