ericloyd
commented
3 years ago There are a number of ways to obtain a trusted 3rd party signed certificate. Your security team probably knows of at least "letsencrypt." Maybe start there?
Closed 4gemenot closed 3 years ago
ericloyd
commented
3 years ago There are a number of ways to obtain a trusted 3rd party signed certificate. Your security team probably knows of at least "letsencrypt." Maybe start there?
4gemenot
commented
3 years ago Thank you Eric.
Is it possible you can point me to the location of the certificate of NCPA?
Thanks,
ericloyd
commented
3 years ago Sure thing. It's listed in the NCPA documentation at https://www.nagios.org/ncpa/help.php#configuration-option-reference
4gemenot
commented
3 years ago Closing this case, it is resolved.
Thanks,
Can it be signed by a recognized certificate authority? Our security team scans the servers, and they found this self-signed certificate of NCPA.
Nessus report:
Plugin Output: The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities :
|-Subject : C=US/ST=Minnesota/L=St. Paul/O=Nagios Enterprises, LLC/OU=Development/CN=s1bioup0autp01