The operating system must produce, control, and distribute asymmetric cryptographic keys using approved PKI Class 3 certificates or prepositioned keying material.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-OS-000167-ESXI5-PF	SRG-OS-000167-ESXI5-PF	SRG-OS-000167-ESXI5-PF_rule		Medium

Description
Cryptographic key management and establishment can be performed using manual procedures or automated mechanisms with supporting manual procedures. In addition to being required for the effective operation of a cryptographic mechanism, effective cryptographic key management provides protections to maintain the availability of the information in the event of the loss of cryptographic keys by users. Permanent finding - ESXi v5 does not support this requirement.

Description

Cryptographic key management and establishment can be performed using manual procedures or automated mechanisms with supporting manual procedures. In addition to being required for the effective operation of a cryptographic mechanism, effective cryptographic key management provides protections to maintain the availability of the information in the event of the loss of cryptographic keys by users. Permanent finding - ESXi v5 does not support this requirement.

STIG	Date
VMware ESXi v5 Security Technical Implementation Guide	2013-01-15

Details

Check Text ( C-SRG-OS-000167-ESXI5-PF_chk )
ESXi does not support this requirement. This is a permanent finding.

Fix Text (F-SRG-OS-000167-ESXI5-PF_fix)
This requirement is a permanent finding and cannot be fixed. An appropriate mitigation for the system must be implemented but this finding cannot be considered fixed.