SV-99861r1_rule
V-89211
SRG-APP-000439-WSR-000156
VRAU-HA-000460
CAT I
10
Navigate to and open /etc/haproxy/conf.d/30-vro-config.cfg
Navigate to and configure the "frontend https-in-vro-config" section with the following value:
bind :8283 ssl crt /opt/vmware/etc/lighttpd/server.pem ciphers FIPS:+3DES:!aNULL no-sslv3
Navigate to and open /etc/haproxy/conf.d/20-vcac.cfg
Navigate to and configure the "frontend https-in" section with the following value:
bind 0.0.0.0:443 ssl crt /etc/apache2/server.pem ciphers FIPS:+3DES:!aNULL no-sslv3
At the command prompt, execute the following command:
grep -EnR '\bbind\b.*\bssl\b' /etc/haproxy
Verify that each returned line contains the no-sslv3 value.
If any lines do not have this value, this is a finding.
V-89211
False
VRAU-HA-000460
At the command prompt, execute the following command:
grep -EnR '\bbind\b.*\bssl\b' /etc/haproxy
Verify that each returned line contains the no-sslv3 value.
If any lines do not have this value, this is a finding.
M
3455