SV-213494r615939_rule
V-213494
SRG-APP-000014-AS-000009
JBOS-AS-000010
CAT II
10
Follow the specific instructions in the Red Hat Security Guide for EAP version 6.3 to configure the management console for HTTPS.
This involves the following steps.
1. Create a keystore in JKS format.
2. Ensure the management console binds to HTTPS.
3. Create a new Security Realm.
4. Configure the management interface to use the new security realm.
5. Configure the management console to use the keystore.
6. Restart the EAP server.
Log on to the OS of the JBoss server with OS permissions that allow access to JBoss. Using the relevant OS commands and syntax, cd to the <JBOSS_HOME>/bin/ folder.
Run the jboss-cli script. Connect to the server and authenticate.
For a standalone configuration run the following command:
"ls /core-service=management/management-interface=http-interface"
If "secure-socket-binding"=undefined, this is a finding.
For a domain configuration run the following command:
"ls /host=master/core-service=management/management-interface=http-interface"
If "secure-port" is undefined, this is a finding.
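The check above, automated as an added example (not part of the STIG or Red Hat's tooling): it evaluates saved jboss-cli `ls` output for either mode. The sample outputs and realm names are constructed, and the `name=value` line layout is an assumption about how the CLI prints attributes.

```python
# Added example: evaluate the JBOS-AS-000010 check from saved jboss-cli output.
# Attribute each mode must have defined, as stated in the check text.
REQUIRED = {"standalone": "secure-socket-binding", "domain": "secure-port"}


def parse_ls(output):
    """Parse name=value lines (assumed `ls` layout) into a dict."""
    attrs = {}
    for line in output.splitlines():
        name, sep, value = line.strip().partition("=")
        if sep:
            attrs[name.strip().strip('"')] = value.strip().strip('"')
    return attrs


def is_finding(output, mode):
    """Return True when the HTTPS attribute for this mode is undefined."""
    value = parse_ls(output).get(REQUIRED[mode])
    # Fail closed: an absent or empty attribute is treated as undefined.
    return value in (None, "", "undefined")


# Constructed sample output, not captured from a real server.
STANDALONE_HTTP_ONLY = """\
console-enabled=true
secure-socket-binding=undefined
security-realm=ManagementRealm
socket-binding=management-http
"""
STANDALONE_HTTPS = """\
console-enabled=true
secure-socket-binding=management-https
security-realm=ManagementRealmHTTPS
socket-binding=undefined
"""
DOMAIN_HTTPS = """\
interface=management
port=undefined
secure-port=9443
security-realm=ManagementRealmHTTPS
"""

if __name__ == "__main__":
    for label, text, mode in [
        ("standalone http only", STANDALONE_HTTP_ONLY, "standalone"),
        ("standalone https", STANDALONE_HTTPS, "standalone"),
        ("domain https", DOMAIN_HTTPS, "domain"),
    ]:
        print(label, "FINDING" if is_finding(text, mode) else "not a finding")
```

Passing the wrong mode for the captured output reports a finding, because the attribute that mode requires is absent.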
V-213494
False
JBOS-AS-000010
M
3987