Windows Server 2019 domain controllers must have a PKI server certificate.
An XCCDF Rule
Description
Domain controllers are part of the chain of trust for PKI authentications. Without the appropriate certificate, the authenticity of the domain controller cannot be verified. Domain controllers must have a server certificate to establish authenticity as part of PKI authentications in the domain.
- ID
- SV-205645r958448_rule
- Version
- WN19-DC-000280
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Obtain a server certificate for the domain controller.