Solved: Re: Workstation SSL certificate

sysjno · ‎06-30-2014

VMware Workstation installs an SSL certificate with:

Subject : C=US/L=Palo Alto/OU=VMware/CN=VMware/E=none@vmware.com

This results in several findings in ACAS (Nessus) related to "SSL Certificate Cannot Be Trusted", "SSL Certificate With Wrong Hostname", "SSL Self-Signed Certificate"

What is the certificate for? How is it generated? Can I replace it with a "real" certificate signed by a trusted CA?

This is a fairly important issue for anyone who uses Workstation in a DoD echelon... within a few months, all of these findings must be remediated or have a POA&M (Plan Of Action & Milestones) to fix it. The best answer would be to replace the certificate with one signed by a DoD CA. Probably second-best would be to delete it if there's no core functionality that depends on it. But just ignoring it isn't going to be acceptable.

Aiden1 · ‎07-01-2014

Hi

Welcome to communities.

please go through below link and share your output.

http://pubs.vmware.com/workstation-10/index.jsp?topic=%2Fcom.vmware.ws.using.doc%2FGUID-F93E6851-951...

View solution in original post

Linjo · ‎06-30-2014

You should probably open a support issue since it sounds like you need an official authoritative answers and not half-guesses by the community.

// Linjo

Best regards, Linjo Please follow me on twitter: @viewgeek If you find this information useful, please award points for "correct" or "helpful".

Aiden1 · ‎07-01-2014

Hi

Welcome to communities.

please go through below link and share your output.

http://pubs.vmware.com/workstation-10/index.jsp?topic=%2Fcom.vmware.ws.using.doc%2FGUID-F93E6851-951...

sysjno · ‎07-01-2014

Thank you Aiden!!!

All

Workstation SSL certificate