UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The External Root CA certificates must be installed in the Trusted Root Store on unclassified systems.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32273 WINPK-000002 SV-42601r4_rule Medium
Description
To ensure secure websites protected with External Certificate Authority (ECA) server certificates are properly validated, the system must trust the ECA Root CAs. The ECA root certificates will ensure the trust chain is established for server certificates issued from the External CAs. This requirement only applies to unclassified systems.
STIG Date
Windows 7 Security Technical Implementation Guide 2017-04-28

Details

Check Text ( None )
None
Fix Text (F-76965r2_fix)
Install the ECA Root CA certificates on unclassified systems.
ECA Root CA 2
ECA Root CA 4

The InstallRoot tool is available on IASE at http://iase.disa.mil/pki-pke/Pages/tools.aspx.