Why are we seeing many self signed certificates upon scanning?

Why are we seeing many self signed certificates upon scanning?

book

Article ID: KB0082300

calendar_today

Updated On:

Products Versions
TIBCO BusinessConnect 6.X

Description

When running a security scan, many self signed certificates with Subject : CN=GatewayServerTrust/O=DMZ-DDTP are reported by the scanning tool.

Resolution

These certificates are used by the Gateway Server. The Business Connect Gateway Server uses an internally generated self-signed certificate (which is part of the Gateway Token) for the TLS connections between the interior and gateway server. This certificate is only used by Business Connect internally and is not exposed to the trading partners.

Issue/Introduction

Unrecognized self signed certificates found upon doing security scanning the BusinessConnect Gateway Server