HPE Community
HPE SimpliVity
1819717 Members
2915 Online
109606 Solutions
New Discussion юеВ

Omnistack Certificate SSL over ports 9190 and 9390

 
SOLVED
Go to solution
FrediCocon
Occasional Advisor

тАО11-30-2023 03:32 PM - last edited on тАО12-03-2023 09:57 PM by

тАО11-30-2023 03:32 PM - last edited on тАО12-03-2023 09:57 PM by

Omnistack Certificate SSL over ports 9190 and 9390

Hello everyone, I hope you can help me, Nessus has detected two vulnerabilities in some Omnistacks Virtual Controllers v4.2.0, they are related to SSL certificates, but on ports 9390 and 9190, the certificate on port 443 has already been updated (svt-nginx) and it does not appear vulnerable, but those of port 9390 and 9190 appear as:

- SSL Certificate Cannot Be Trusted - Plugin ID 51192

- SSL Self-Signed Certificate - Plugin ID 57582

These ports point to the svtfs service:

# netstat -tlpan | egrep "9190|9390"
tcp 0 0 0.0.0.0:9390 0.0.0.0:* LISTEN 2395/svtfs
tcp 0 0 10.150.120.200:9190 0.0.0.0:* LISTEN 2395/svtfs
root@omnicube-ip120-200:~# ps -ef | grep 2395
root 2395 1 40 Nov24 ? 2-17:04:35 /var/tmp/build/bin/svtfs 0

Does anyone know how I can renew them, or any additional action to close those ports without affecting functionality?

Thanks for your supportt and best regards

0 Kudos
Reply
3 REPLIES 3
Sanika
HPE Pro

тАО12-03-2023 10:04 AM

тАО12-03-2023 10:04 AM

Re: Omnistack Certificate SSL over ports 9190 and 9390


Hi FrediCocon,

To renew the certificate related to SSL on ports 9390 and 9190, I am not sure if we have customer-facing documentation with a procedure to renew it.

However, details related to that can be found in the below links:

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00131388en_us  (page 35 onwards)

https://kb.vmware.com/s/article/2015600

You may please contact HPE support team for assistance regarding the renewal process without impacting the existing application setup.

Hope this helps.

Regards,
Sanika.

 



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
Sanika
HPE Pro

тАО12-20-2023 11:59 PM

тАО12-20-2023 11:59 PM

Solution

Re: Omnistack Certificate SSL over ports 9190 and 9390

Hello @FrediCocon 

Let me know if you were able to resolve the issue.

If you have no further query and you are satisfied with the answer then kindly mark the topic as Solved so that it is helpful for all community members.

Regards,
Sanika.



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
FrediCocon
Occasional Advisor

тАО12-21-2023 07:16 PM

тАО12-21-2023 07:16 PM

Re: Omnistack Certificate SSL over ports 9190 and 9390

Hello @Sanika , it was not possible to install the SSL certificates on ports 9390 and 9190, we opened a HPE support ticket, who confirmed that these ports are for internal communication, and there is no procedure to apply custom certificates in these services, with this we justify to the client that cannot be remedied, thanks for your support

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.