UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DoD Root CA certificates must be installed in the Trusted Root Store.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32272 WINPK-000001 SV-42594r4_rule Medium
Description
To ensure secure DoD websites and DoD-signed code are properly validated, the system must trust the DoD Root Certificate Authorities (CAs). The DoD root certificates will ensure that the trust chain is established for server certificates issued from the DoD CAs.
STIG Date
Windows 2008 Domain Controller Security Technical Implementation Guide 2017-04-28

Details

Check Text ( None )
None
Fix Text (F-76943r2_fix)
Install the DoD Root CA certificates.
DoD Root CA 2
DoD Root CA 3
DoD Root CA 4

The InstallRoot tool is available on IASE at http://iase.disa.mil/pki-pke/Pages/tools.aspx.