The External Root CA certificates must be installed in the Trusted Root Store on unclassified systems.

An XCCDF Rule

Details
Profiles

Description

To ensure secure websites protected with External Certificate Authority (ECA) server certificates are properly validated, the system must trust the ECA Root CAs. The ECA root certificates will ensure the trust chain is established for server certificates issued from the External CAs. This requirement only applies to unclassified systems.

ID: SV-253428r958448_rule
Version: WN11-PK-000010
Severity: Medium
References: CCI-000185
Updated: 5 days ago

Remediation Templates

Install the ECA Root CA certificates on unclassified systems.

ECA Root CA 4

The InstallRoot tool is available on Cyber Exchange at https://cyber.mil/pki-pke/tools-configuration-files. PKI can be found at https://crl.gds.disa.mil/.

The External Root CA certificates must be installed in the Trusted Root Store on unclassified systems.

Description

Remediation Templates

A Manual Procedure