The External CA Root Certificate must be installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32273 | WINPK-000002 | SV-42601r3_rule | IATS-1 IATS-2 | Medium |
| Description |
|---|
| To ensure secure websites protected with ECA server certificates on NIPRNet are properly validated, the system must trust the ECA Root CA 2. The ECA root certificate will ensure that the trust chain is established for server certificate issued from the External CA. This requirement only applies to NIPRNet systems. |
| STIG | Date |
|---|---|
| Windows 7 Security Technical Implementation Guide | 2014-12-13 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-48588r1_fix) |
|---|
| Install the ECA root CA 2 certificate on NIPRNet systems only. The InstallRoot tool is available on IASE at http://iase.disa.mil/pki-pke/function_pages/tools.html |