From VMware Automation 7.x Application Security Technical Implementation Guide
Part of SRG-APP-000514-AS-000137
Associated with: CCI-002450
Class 3 PKI certificates are used for servers and software signing rather than for identifying individuals. Class 4 certificates are used for business-to-business transactions. Utilizing unapproved certificates not issued or approved by DoD or CNS creates an integrity risk. The application server must utilize approved DoD or CNS Class 3 or Class 4 certificates for software signing and business-to-business transactions.
Verify that Smart Card Authentication is in use with the following steps: 1. In vRA, go to Administration >> Directories Management >> Identity Providers. 2. Verify that the identity provider listed is the identity provider used for smart card authentication. 3. In vRA, go to Administration >> Directories Management >> Policies. 4. Verify that the default policy authentication method is set to "certificate". If the identity provider listed is not that used for smart card authentication, this is a finding. If the default policy authentication method is not set to "certificate", this is a finding.
Configure vRA to use Smart Card Authentication with the following steps: 1. Set up smart card infrastructure as per VMware documentation, if required. 2. In vRA, go to Administration >> Directories Management >> Identity Providers. 3. Add the identity provider used for smart card authentication. 4. In vRA, go to Administration >> Directories Management >> Policies. 5. Edit default policy and change authentication method to "certificate".
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer