|Finding ID||Version||Rule ID||IA Controls||Severity|
|Self-signed certificates, automatically generated by vCenter Server during the installation process, are not signed by a commercial CA, and might not provide strong security. Default self-signed certificates must be replaced with those from a trusted certification authority.|
|VMware vCenter Server Security Technical Implementation Guide||2013-01-15|
|Check Text ( C-VCENTER-000032_chk )|
| Ask the SA if self-signed certificates on the vCenter Server have been changed to certificates from a trusted certification authority. |
Alternatively, use the vSphere Client from a remote system to log into the vCenter Server. If a certificate warning dialog box appears, a valid certificate from a trusted certification authority is not used, and this is a finding.
|Fix Text (F-VCENTER-000032_fix)|
|Replace default self-signed certificates with those from a trusted certification authority, either a commercial CA or an organizational CA.|