Item Search

NameAudit NamePluginCategory
AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - Certificate IssuerDISA STIG AIX 7.x v2r1Unix
AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - Certificate IssuerDISA STIG AIX 7.x v2r8Unix
AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - Certificate IssuerDISA STIG AIX 7.x v2r3Unix
AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - ldapsslkeyfDISA STIG AIX 7.x v2r5Unix
AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - useSSLDISA STIG AIX 7.x v2r8Unix
DTBI1075-IE11 - Prevent ignoring certificate errors option must be enabled.DISA STIG IE 11 v2r4Windows
EP11-00-009100 - The EDB Postgres Advanced Server must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r3Windows
IIST-SI-000241 - The IIS 10.0 website must only accept client certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA IIS 10.0 Site v2r5Windows
IIST-SI-000241 - The IIS 10.0 website must only accept client certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA IIS 10.0 Site v2r8Windows
IISW-SI-000241 - The IIS 8.5 private website have a server certificate issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA IIS 8.5 Site v2r7Windows
IISW-SI-000241 - The IIS 8.5 private website have a server certificate issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA IIS 8.5 Site v2r1Windows
IISW-SI-000241 - The IIS 8.5 private website have a server certificate issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA IIS 8.5 Site v2r8Windows
JBOS-AS-000625 - JBoss must be configured to use DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA RedHat JBoss EAP 6.3 STIG v2r2Unix
JBOS-AS-000625 - JBoss must be configured to use DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA RedHat JBoss EAP 6.3 STIG v2r3Unix
JUSX-VN-000026 - The Juniper SRX Services Gateway VPN must only allow the use of DoD PKI established certificate authorities for verification of the establishment of protected sessions.DISA Juniper SRX Services Gateway VPN v2r2Juniper
MD3X-00-000730 - MongoDB must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions.DISA STIG MongoDB Enterprise Advanced 3.x v2r2 OSUnix
OH12-1X-000298 - OHS must have the LoadModule ossl_module directive enabled so SSL requests can be processed with client certificates only issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA STIG Oracle HTTP Server 12.1.3 v2r1Unix
OH12-1X-000299 - OHS must have the SSLFIPS directive enabled so SSL requests can be processed with client certificates only issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA STIG Oracle HTTP Server 12.1.3 v2r1Unix
OH12-1X-000300 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled so SSL requests can be processed with client certificates only issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) - SSLEngineDISA STIG Oracle HTTP Server 12.1.3 v2r1Unix
OH12-1X-000300 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled so SSL requests can be processed with client certificates only issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) - SSLProtocolDISA STIG Oracle HTTP Server 12.1.3 v2r1Unix
OH12-1X-000300 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled so SSL requests can be processed with client certificates only issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) - SSLWalletDISA STIG Oracle HTTP Server 12.1.3 v2r1Unix
OH12-1X-000302 - OHS must have the SSLVerifyClient directive enabled to only accept client certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA STIG Oracle HTTP Server 12.1.3 v2r1Unix
OH12-1X-000303 - OHS must use wallets that have only DoD certificate authorities defined.DISA STIG Oracle HTTP Server 12.1.3 v2r1Unix
PANW-AG-000101 - The Palo Alto Networks security platform being used for TLS/SSL decryption using PKI-based user authentication must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certificate Authorities (CAs) for the establishment of protected sessions.DISA STIG Palo Alto ALG v2r2Palo_Alto
PANW-AG-000101 - The Palo Alto Networks security platform being used for TLS/SSL decryption using PKI-based user authentication must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certificate Authorities (CAs) for the establishment of protected sessions.DISA STIG Palo Alto ALG v2r3Palo_Alto
PPS9-00-009100 - The EDB Postgres Advanced Server must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions - CAsEDB PostgreSQL Advanced Server OS Linux Audit v2r2Unix
SPLK-CL-000040 - Splunk Enterprise must only allow the use of DoD-approved certificate authorities for cryptographic functions.DISA STIG Splunk Enterprise 7.x for Windows v2r3 REST APISplunk
TCAT-AS-001430 - Certificates in the trust store must be issued/signed by an approved CA.DISA STIG Apache Tomcat Application Server 9 v2r5Unix
TCAT-AS-001430 - Certificates in the trust store must be issued/signed by an approved CA.DISA STIG Apache Tomcat Application Server 9 v2r7Unix
TCAT-AS-001430 - Certificates in the trust store must be issued/signed by an approved CA.DISA STIG Apache Tomcat Application Server 9 v2r2Unix
TCAT-AS-001430 - Certificates in the trust store must be issued/signed by an approved CA.DISA STIG Apache Tomcat Application Server 9 v2r4Unix
UBTU-18-010436 - The Ubuntu operating system must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Ubuntu 18.04 LTS v2r11Unix
UBTU-18-010436 - The Ubuntu operating system must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Ubuntu 18.04 LTS v2r12Unix
UBTU-18-010436 - The Ubuntu operating system must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Ubuntu 18.04 LTS v2r7Unix
UBTU-18-010436 - The Ubuntu operating system must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Ubuntu 18.04 LTS v2r14Unix
UBTU-18-010436 - The Ubuntu operating system must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Ubuntu 18.04 LTS v2r8Unix
UBTU-18-010436 - The Ubuntu operating system must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Ubuntu 18.04 LTS v2r10Unix
WDNS-SC-000022 - The Windows 2012 DNS Server must only allow the use of an approved DoD PKI-established certificate authorities for verification of the establishment of protected transactions.DISA Microsoft Windows 2012 Server DNS STIG v2r5Windows
WDNS-SC-000022 - The Windows 2012 DNS Server must only allow the use of an approved DoD PKI-established certificate authorities for verification of the establishment of protected transactions.DISA Microsoft Windows 2012 Server DNS STIG v2r6Windows
WINPK-000001 - The DoD Root CA certificates must be installed in the Trusted Root Store - DoD Root CA 2DISA Windows Server 2008 R2 MS STIG v1r33Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WINPK-000001 - The DoD Root CA certificates must be installed in the Trusted Root Store - Root CA 3DISA Windows Server 2008 DC STIG v6r47Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WINPK-000001 - The DoD Root CA certificates must be installed in the Trusted Root Store - Root CA 5DISA Windows Server 2008 DC STIG v6r47Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WINPK-000003 - The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems - DoD Root CA 2DISA Windows Server 2008 R2 DC STIG v1r34Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WINPK-000003 - The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems - DoD Root CA 3DISA Windows Server 2008 DC STIG v6r47Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WINPK-000004 - The US DoD CCEB Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems.DISA Windows Server 2008 R2 DC STIG v1r34Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN08-PK-000001 - The DoD Root CA certificates must be installed in the Trusted Root Store - Root CA 3DISA Windows 8/8.1 STIG v1r23Windows

IDENTIFICATION AND AUTHENTICATION

WN08-PK-000001 - The DoD Root CA certificates must be installed in the Trusted Root Store - Root CA 4DISA Windows 8/8.1 STIG v1r23Windows

IDENTIFICATION AND AUTHENTICATION

WN08-PK-000003 - The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems - 1/3DISA Windows 8/8.1 STIG v1r23Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN08-PK-000003 - The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems - 2/3DISA Windows 8/8.1 STIG v1r23Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN08-PK-000003 - The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems - 3/3DISA Windows 8/8.1 STIG v1r23Windows

SYSTEM AND COMMUNICATIONS PROTECTION