Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Microsoft IIS webserver.

  1. Replace the self-signed certificate with one issued by a trusted Certificate Authority.

  2. For internal services, deploy a certificate from your internal PKI (Active Directory Certificate Services).

  3. For public-facing services, use a commercial CA or Let's Encrypt.

  4. In IIS Manager, update the HTTPS site binding to use the trusted certificate.

Back to top