The DoD Root Certificate Exists

Description

The DoD root certificate should be installed in the Shared System Certificates store for Firefox to be able to access the DoD certificate. To install the root certificated into the Shared System Certificates store, copy the DoD root certificate into /etc/pki/ca-trust/source/anchors. Once the file is copied, run the following command:

$ sudo update-ca-trust extract

Rationale

The DOD root certificate will ensure that the trust chain is established for server certificates issued from the DOD CA.

ID: xccdf_org.ssgproject.content_rule_firefox_preferences-dod_root_certificate_installed
Severity: Medium
References: CCI-000054

IA-5 (2)

FFOX-00-000016

CCE-82056-3
Updated: about 1 year ago