Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
ONTAP must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-246945 | NAOT-CM-000008 | SV-246945r769167_rule | Medium |
| Description |
|---|
| For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure cross-certified with the Federal Bridge Certification Authority at medium assurance or higher, this Certification Authority will suffice. |
| STIG | Date |
|---|---|
| NetApp ONTAP DSC 9.x Security Technical Implementation Guide | 2021-07-28 |
Details
| Check Text ( C-50377r769165_chk ) |
|---|
| Use "security login show -authentication-method cert" to see user IDs created with public key certificates from a certificate authority. If ONTAP cannot obtain its public key certificates from an appropriate certificate policy, this is a finding. |
| Fix Text (F-50331r769166_fix) |
|---|
| Configure ONTAP to use public key certificates for authentication with "security certificate install -type client-ca -vserver |