CCI-004909
Include only approved trust anchors in trust stores or certificate stores managed by the organization.
The Cisco ASA must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.
1 rule found Severity: Medium
The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.
3 rules found Severity: Medium
The DNS server implementation must include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
The network device must be configured to include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
Splunk Enterprise must only allow the use of DOD-approved certificate authorities for cryptographic functions.
2 rules found Severity: Medium
The web server must include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
NixOS, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
1 rule found Severity: Medium
AAA Services must be configured to include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
1 rule found Severity: Medium
The application server must include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
The ALG must include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
Ubuntu 22.04 LTS, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
1 rule found Severity: Medium
The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.
2 rules found Severity: Medium
The Central Log Server must include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
AlmaLinux OS 9, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
1 rule found Severity: Medium
The container platform must include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
The DBMS must include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
The Dell OS10 Switch must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
1 rule found Severity: Medium
The HYCU virtual appliance must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
1 rule found Severity: Medium
All IBM z/OS digital certificates in use must have a valid path to a trusted Certification authority.
1 rule found Severity: Medium
The operating system must include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium
1 rule found Severity: Medium
The Juniper router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.
1 rule found Severity: Medium
All IBM z/OS digital certificates in use must have a valid path to a trusted Certification Authority (CA).
1 rule found Severity: Medium
The Mainframe Product must include only approved trust anchors in trust stores or certificate stores managed by the organization.
1 rule found Severity: Medium