The operating system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-51365	OSX8-00-00750	SV-65575r1_rule		Medium

Description
For user certificates, each organization attains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure cross-certified with the Federal Bridge Certification Authority at medium assurance or higher, this Certification Authority will suffice. This control focuses on certificates with a visibility external to the information system and does not include certificates related to internal system operations, for example, application-specific time services.

Description

For user certificates, each organization attains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure cross-certified with the Federal Bridge Certification Authority at medium assurance or higher, this Certification Authority will suffice. This control focuses on certificates with a visibility external to the information system and does not include certificates related to internal system operations, for example, application-specific time services.

STIG	Date
Apple OS X 10.8 (Mountain Lion) Workstation STIG	2015-02-10

Details

Check Text ( C-53705r1_chk )
To view a list of installed certificates, run the following command: sudo security -dump-keychain \| grep labl \| awk -F\" '{ print $4 }' If this list does not contain approved certificates, this is a finding.

Fix Text (F-56163r1_fix)
Obtain the approved DOD certificates from the appropriate authority. Use Keychain Access from /Applications/Utilities to add certificates to the System keychain.