- This topic has 1 reply, 2 voices, and was last updated 3 years, 3 months ago by .
Viewing 2 posts - 1 through 2 (of 2 total)
Viewing 2 posts - 1 through 2 (of 2 total)
- You must be logged in to reply to this topic.
Hi,
We have an on-prem wms 1.2 deployment with thinos devices running 8.5_024, 8.6_027 and 8.6_303 firmware. WMS uses a self signed certificate.
I read in the release of DSA-2020-281: DELL WYSE THINOS 8.6 SECURITY UPDATE FOR INSECURE DEFAULT CONFIGURATION VULNERABILITIES, that the vulnerability shouldn’t apply when you use WMS.
Dows this also apply when you use a self signed certificate?
When I check on the thin client under ‘central configuration – WDA’, I see a red lock next to the WMS server address. ‘Enable CA Validation’ is unchecked.
I guess this means that we are not using https for the connection to the Wyse server?
I want to install an internal certificate on the Wyse server to replace the self signed one.
So the steps to take are :
1. upload the root CA certificate to the thin clients via security settings in WMS
2. Install the certificate on the Wyse server
3. Enable CA validation on the thin clients
Is this correct?
Thanks
Yes, as WMS uses SSL this vulnerability does not apply here regardless of the used certificate.
CG
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |