Our Company uses Tenable to scan desktop\servers for security flaws. One security issue that it finds on all of the VMware View desktops is an unTrusted Certificates
Details from Tenable -
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : CN=nameofdesktop.domain.com - actual desktop name\domain removed... you know - security : )
. The certificate is located at [Console Root\Certificates (Local Computer)\VMwareView\Certificates\nameofdesktop.domain.com] and [Console Root\Certificates (Local Computer)\Remote Desktop\Certificates\nameofdesktop.domain.com]
Does anyone know what the certificate is used for ( I assume remote connections)? Is it generated during a recompose or desktop creation? Most importantly - How do i get certs to be trusted?
Thank you.
M.
The tenable issue i am still fighting is below. I am trying to work with vmware but this isn't a high priority issue as the system works fine and there is no down time but i need to get it cleared up none the less. Anyone have any experience with getting the x.509 cert trusted on VDI linked clones.
Also, this cert is automatically regenerated at boot up if it is removed from the cert store.
Thanks.