UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DOD Root Certificate is not installed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-6318 DTBG010 SV-33373r2_rule Medium
Description
The DOD root certificate will ensure that the trust chain is established for server certificate issued from the DOD CA.
STIG Date
Mozilla Firefox 2017-01-06

Details

Check Text ( C-16602r3_chk )
Procedure: Navigate using the “Open Menu >> Options >> Advanced >> Certificates” dialog. Select the View Certificates button. On the “Certificate Manager” window, select the “Authorities” tab. Scroll through the Certificate Name list to the U.S. Government heading. Look for the entry for the DoD Root CA 2.

If there is an entry for the DoD Root CA 2, select the entry and then the View button. On the Certificate Viewer window, determine the value of the SHA1 Fingerprint field.

Criteria:
If there is no entry for the DoD Root CA 2, this is a finding.

For NIPRnet clients only,if the value of the SHA1 Fingerprint field of the DoD Root CA 2 certificate is not:
8C:94:1B:34:EA:1E:A6:ED:9A:E2:BC:54:CF:68:72:52:B4:C9:B5:61, this is a finding.
Fix Text (F-5841r2_fix)
Install the DOD CA 2 root certificate.