9.2.1 TODOΒΆ
Verify that connections to and from the server use trusted TLS certificates. Where internally generated or self-signed certificates are used, the server must be configured to only trust specific internal CAs and specific self-signed certificates. All others should be rejected.
| Level 1 | |
| Level 2 | X |
| Level 3 | X |
| CWE | NIST |
|---|---|
| 295 |