Windows Server 2019 PKI certificates associated with user accounts must be issued by a DoD PKI or an approved External Certificate Authority (ECA).

An XCCDF Rule

Details
Profiles

Description

A PKI implementation depends on the practices established by the Certificate Authority (CA) to ensure the implementation is secure. Without proper practices, the certificates issued by a CA have limited value in authentication functions.

ID: SV-205647r958448_rule
Version: WN19-DC-000300
Severity: High
References: CCI-000185
Updated: 6 days ago

Remediation Templates

Map user accounts to PKI certificates using the appropriate User Principal Name (UPN) for the network. See PKE documentation for details.

Windows Server 2019 PKI certificates associated with user accounts must be issued by a DoD PKI or an approved External Certificate Authority (ECA).

Description

Remediation Templates

A Manual Procedure