h1

Changes to the Adobe AEM/CQ Security Checklist

May 31, 2013

In case you have not seen it, Adobe made a change to the security checklist for AEM/CQ. The section that was added just recently is an explanation on how to change the admin password for the felix console.

The following recommendation has been added: 

In addition, Adobe recommends changing the OSGi (web) console password to something other than the admin password as not doing so:

  • Exposes the server with default password during startup and shutdown (that can take minutes for large servers)
  • Exposes the server when the repository is down/restarting bundle – and OSGI is running.

The description on how to do this can be found here: 

https://dev.day.com/docs/en/cq/current/deploying/security_checklist.html#Changing the OSGi web console admin password

this issue affects AEM5.6 and CQ5.5

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: