SQLTeam.com | Weblogs | Forums

Adding DOD cert on SQL server


#1

I'm seeing a vulnerability in ACAS stating its finding a self-signed
certificate on that port (1433). The vulnerability is categorized as medium

However, I think that is by Microsoft design but I'm not sure. which is why
I was researching it. Here is what the report is showing

The identities known by Nessus are :

155.7.156.91
dv156091.dmc.pa.mil

The Common Name in the certificate is :

SSL_Self_Signed_Fallback

I have a DoD certificate I generated for that server. I think it can be
also applied to SQL Server port 1433. But I've never done it before. So, im
not sure.