Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider

Information

The organization _MUST_ issue or obtain public key certificates from an organization-approved service provider and ensure only approved trust anchors are in the System Keychain.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Obtain the approved certificates from the appropriate authority and install them to the System Keychain.

See Also

https://github.com/usnistgov/macos_security

Item Details

Category: IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|IA-5(2)(a), 800-53|SC-13, 800-53|SC-17, CCE|CCE-85302-8, CCI|CCI-000185, CCI|CCI-002450, STIG-ID|AOSX-15-003001

Plugin: Unix

Control ID: b9976d2712eb139f8f9066602081e6a243824690dbb78c292321f9239f42c139