Skip to content

Windows Server 2022 must have the DoD Root Certificate Authority (CA) certificates installed in the Trusted Root Store.

An XCCDF Rule

Description

<VulnDiscussion>To ensure secure DoD websites and DoD-signed code are properly validated, the system must trust the DoD Root CAs. The DoD root certificates will ensure that the trust chain is established for server certificates issued from the DoD CAs. Satisfies: SRG-OS-000066-GPOS-00034, SRG-OS-000403-GPOS-00182</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-254442r958448_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Install the DoD Root CA certificates:

DoD Root CA 3
DoD Root CA 4
DoD Root CA 5
DoD Root CA 6