Workload misconfigurations

Ensure that registry certificate file ownership is set to root:root (Automated)

Risk Level

Informational (4)

  • N/A

Compliance Frameworks


You should verify that all the registry certificate files (usually found under /etc/docker/certs.d/ directory) are individually owned and group owned by root.
  • Recommended Mitigation

    The following command could be executed: 'chown root:root /etc/docker/certs.d//*'. This would set the individual ownership and group ownership for the registry certificate files to root.