STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to VMware vRealize Automation 7.x Lighttpd Security Technical Implementation Guide

V-240250

CAT II (Medium)

Lighttpd must be configured to use only FIPS 140-2 approved ciphers.

Rule ID

SV-240250r879616_rule

STIG

VMware vRealize Automation 7.x Lighttpd Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000803

Discussion

Use of cryptography to provide confidentiality and non-repudiation is not effective unless strong methods are employed with its use. Many earlier encryption methods and modules have been broken and/or overtaken by increasing computing power. The NIST FIPS 140-2 cryptographic standards provide proven methods and strengths to employ cryptography effectively.

Check Content

At the command prompt, execute the following command:

grep 'ssl.cipher-list' /opt/vmware/etc/lighttpd/lighttpd.conf

If the return value for "ssl.cipher-list" is not set to "FIPS: +3DES:!aNULL", this is a finding.

Fix Text

Navigate to and open /opt/vmware/etc/lighttpd/lighttpd.conf file

Configure the lighttpd.conf file with the following:

ssl.cipher-list = "FIPS: +3DES:!aNULL"