Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Exchange Servers must use approved DoD certificates.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-234770 | EX13-CA-000030 | SV-234770r617251_rule | Medium |
| Description |
|---|
| Server certificates are required for many security features in Exchange; without them the server cannot engage in many forms of secure communication. Failure to implement valid certificates makes it virtually impossible to secure Exchange's communications. |
| STIG | Date |
|---|---|
| Microsoft Exchange 2013 Client Access Server Security Technical Implementation Guide | 2021-12-16 |
Details
| Check Text ( C-37956r617249_chk ) |
|---|
| Open the Exchange Management Shell and enter the following command: Get-ExchangeCertificate | Select CertificateDomains, issuer If the value of CertificateDomains does not indicate it is issued by the DoD, this is a finding. |
| Fix Text (F-37919r617250_fix) |
|---|
| Remove the non-DoD certificate and import the correct DoD certificates. |