Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6318 | DTBG010 | SV-33373r2_rule | Medium |
Description |
---|
The DOD root certificate will ensure that the trust chain is established for server certificate issued from the DOD CA. |
STIG | Date |
---|---|
Mozilla Firefox | 2017-01-06 |
Check Text ( C-16602r3_chk ) |
---|
Procedure: Navigate using the “Open Menu >> Options >> Advanced >> Certificates” dialog. Select the View Certificates button. On the “Certificate Manager” window, select the “Authorities” tab. Scroll through the Certificate Name list to the U.S. Government heading. Look for the entry for the DoD Root CA 2. If there is an entry for the DoD Root CA 2, select the entry and then the View button. On the Certificate Viewer window, determine the value of the SHA1 Fingerprint field. Criteria: If there is no entry for the DoD Root CA 2, this is a finding. For NIPRnet clients only,if the value of the SHA1 Fingerprint field of the DoD Root CA 2 certificate is not: 8C:94:1B:34:EA:1E:A6:ED:9A:E2:BC:54:CF:68:72:52:B4:C9:B5:61, this is a finding. |
Fix Text (F-5841r2_fix) |
---|
Install the DOD CA 2 root certificate. |