| 1.92 UBTU-24-400360 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.94 UBTU-24-400375 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.106 UBTU-22-612030 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-039070 - AlmaLinux OS 9, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-003001 - The macOS system must issue or obtain public key certificates from an approved service provider. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-003001 - The macOS system must issue or obtain public key certificates from an approved service provider. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AZLX-23-001310 - Amazon Linux 2023, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Amazon Linux 2023 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-ND-001370 - The Cisco ASA must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider. | DISA STIG Cisco ASA NDM v2r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider. | DISA Cisco IOS Router NDM STIG v3r6 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider. | DISA Cisco IOS XE Router NDM STIG v3r6 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider. | DISA Cisco IOS Switch NDM STIG v3r6 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider. | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider. | DISA Cisco IOS XE Switch NDM STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-ND-001430 - The Juniper router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider. | DISA STIG Juniper Router NDM v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-020400 - Oracle Database must include only approved trust anchors in trust stores or certificate stores managed by the organization. | DISA Oracle Database 19c STIG v1r3 Unix | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-020400 - Oracle Database must include only approved trust anchors in trust stores or certificate stores managed by the organization. | DISA Oracle Database 19c STIG v1r3 Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-020400 - Oracle Database must include only approved trust anchors in trust stores or certificate stores managed by the organization. | DISA Oracle Database 19c STIG v1r5 Unix | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-020400 - Oracle Database must include only approved trust anchors in trust stores or certificate stores managed by the organization. | DISA Oracle Database 19c STIG v1r5 Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000900 - OL 9, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Oracle Linux 9 STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OS10-NDM-000960 - The Dell OS10 Switch must obtain its public key certificates from an appropriate certificate policy through an approved service provider. | DISA Dell OS10 Switch NDM STIG v1r1 | Dell_OS10 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-701270 - RHEL 10 must, for PKI-based authentication, validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000040 - Splunk Enterprise must only allow the use of DOD-approved certificate authorities for cryptographic functions. | DISA STIG Splunk Enterprise 7.x for Windows v3r2 REST API | Splunk | SYSTEM AND COMMUNICATIONS PROTECTION |
| SPLK-CL-000450 - Splunk Enterprise must only allow the use of DOD-approved certificate authorities for cryptographic functions. | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG REST API | Splunk | SYSTEM AND COMMUNICATIONS PROTECTION |
| TCAT-AS-000700 - DOD root CA certificates must be installed in Tomcat trust store. | DISA STIG Apache Tomcat Application Server 9 v3r3 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010020 - Ubuntu 20.04 LTS must ensure SSSD performs certificate path validation, including revocation checking, against a trusted anchor for PKI-based authentication. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-254020 - Ubuntu 22.04 LTS must ensure SSSD performs certificate path validation, including revocation checking, against a trusted anchor for PKI-based authentication. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-612030 - Ubuntu 22.04 LTS, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-24-400360 - Ubuntu 24.04 LTS, for PKI-based authentication, SSSD must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-24-400375 - Ubuntu 24.04 LTS, for PKI-based authentication, Privileged Access Management (PAM) must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN25-PK-000010 - Windows Server 2025 must have the DOD Root Certificate Authority (CA) certificates installed in the Trusted Root Store. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
