WN22-PK-000010 - Windows Server 2022 must have the DoD Root Certificate Authority (CA) certificates installed in the Trusted Root Store - Root CA 5

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

To ensure secure DoD websites and DoD-signed code are properly validated, the system must trust the DoD Root CAs. The DoD root certificates will ensure that the trust chain is established for server certificates issued from the DoD CAs.

Satisfies: SRG-OS-000066-GPOS-00034, SRG-OS-000403-GPOS-00182

Solution

Install the DoD Root CA certificates:

DoD Root CA 3
DoD Root CA 4
DoD Root CA 5

The InstallRoot tool is available on Cyber Exchange at https://cyber.mil/pki-pke/tools-configuration-files.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2022_V1R1_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000185, CCI|CCI-002470, Rule-ID|SV-254442r849142_rule, STIG-ID|WN22-PK-000010, Vuln-ID|V-254442

Plugin: Windows

Control ID: dbd80d7eb14eba97436ef9f1101aaeb8afc170944b1f2f82771680f43de01a4e