OL6-00-000008 - Vendor-provided cryptographic certificates must be installed to verify the integrity of system software.

Information

This key is necessary to cryptographically verify packages that packages are from the operating system vendor.

Solution

To ensure the system can cryptographically verify the software packages come from the operating system vendor (and connect to the vendor's network software repository to receive them if desired), the vendor GPG key must properly be installed. To ensure the GPG key is installed, run:

# wget http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
# rpm --import RPM-GPG-KEY-oracle-ol6

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_6_V2R7_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(3), CAT|I, CCI|CCI-001749, Rule-ID|SV-219543r854338_rule, STIG-ID|OL6-00-000008, STIG-Legacy|SV-64895, STIG-Legacy|V-50689, Vuln-ID|V-219543

Plugin: Unix

Control ID: 9c5ef889372448e3ec59af65233ce12e7a555d3dad80f9a82bf24e4d660ed101