TCAT-AS-000710 – Keystore file must be protected.
Details Keystore file contains authentication information used to access application data and data resources. Access to the file must be...
- Home
- Security Hardening
- DISA STIG Apache Tomcat Application Server 9 V2R3 Middleware
DISA STIG Apache Tomcat Application Server 9 V2R3 Middleware
TCAT-AS-000750 – Tomcat must use FIPS-validated ciphers on secured connectors.
Details Connectors are how Tomcat receives requests over a network port, passes them to hosted web applications via HTTP or...TCAT-AS-000780 – Access to JMX management interface must be restricted.
Details Java Management Extensions (JMX) is used to provide programmatic access to Tomcat for management purposes. This includes monitoring and...TCAT-AS-000790 – Access to Tomcat manager application must be restricted.
Details The Tomcat manager application is used to manage the Tomcat server and the applications that run on Tomcat. By...TCAT-AS-000800 – Tomcat servers must mutually authenticate proxy or load balancer connections.
Details Tomcat servers are often placed behind a proxy when exposed to both trusted and untrusted networks. This is done...