The macOS system must issue or obtain public key certificates from an approved service provider.

An XCCDF Rule

Description

<VulnDiscussion>The organization must issue or obtain public key certificates from an organization-approved service provider and ensure only approved trust anchors are in the System Keychain. Satisfies: SRG-OS-000403-GPOS-00182, SRG-OS-000775-GPOS-00230</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-268534r1034542_rule
Severity: Medium
References: CCI-002470 CCI-004909
Updated: 17 days ago

Configure the macOS system to issue or obtain public key certificates from an approved service provider by obtaining the approved certificates from the appropriate authority and install them to the System Keychain.

The macOS system must issue or obtain public key certificates from an approved service provider.

Description

Remediation - Manual Procedure