Updating Pulse Secure vTM Control Port(9080) Certificate
We noticed that the certificate that is used by the Pulse Secure vTM control port (9080) uses a self signed certificate which is trigering our security scan as vulnerable. Is there a way to update the certificate been used by the control port? I have looked through the Pulse Secure vTM docs but couldn't find anything in there that talks about it. The control port certificate seems to be stored in
with the private key called
and the public key called
In addition to this, the control.public key is used in the config found in
for the cluster.
Any thoughts or suggestions on how to go about updating this certificate?
Re: Updating Pulse Secure vTM Control Port(9080) Certificate
As of vTM 20.1 the control cert can be a cert chain, not just a self-signed cert.
Updating the cert for now is a manual process, which is to manually replace the cert/key files and edit the config in conf/zxtms/hostname with a text editor. (Note the cluster config needs to be manually sync after editting anything in conf). There is open RFE-1453 to automate this process.
If you need further assistance with this, and have a support contract, then please open a support case with us.