CCI|CCI-000185

Title

For public key-based authentication, validate certificates by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.11 OL08-00-010090UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.15 VCSA-80-000080VMwareCIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT II
1.17 SLES-15-010170UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.34 MADB-10-004000MySQLDBCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II MySQLDB
1.51 APPL-14-001060UnixCIS Apple macOS 14 Sonoma STIG v1.0.0 CAT II
1.51 APPL-26-001060UnixCIS Apple macOS 26 Tahoe STIG v1.0.0 CAT II
1.70 AZLX-23-001310UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.92 UBTU-24-400360UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.94 UBTU-24-400375UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.106 UBTU-22-612030UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.169 OL09-00-000900UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.172 WN16-DC-000280WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.173 WN16-DC-000290WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT I
1.173 WN19-DC-000280WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.173 WN22-DC-000280WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.174 WN16-DC-000300WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT I
1.174 WN19-DC-000290WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT I
1.174 WN22-DC-000290WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT I
1.175 WN19-DC-000300WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT I
1.175 WN22-DC-000300WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT I
1.182 WN10-PK-000005WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.183 WN10-PK-000010WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.184 WN10-PK-000015WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.185 WN10-PK-000020WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.203 WN16-PK-000010WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.203 WN16-PK-000010WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.204 WN16-PK-000020WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.204 WN16-PK-000020WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.205 WN16-PK-000030WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.205 WN16-PK-000030WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.205 WN19-PK-000010WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.205 WN19-PK-000010WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.205 WN22-PK-000010WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.205 WN22-PK-000010WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.206 WN19-PK-000020WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.206 WN19-PK-000020WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.206 WN22-PK-000020WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.206 WN22-PK-000020WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.207 WN19-PK-000030WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.207 WN19-PK-000030WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.207 WN22-PK-000030WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.207 WN22-PK-000030WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.305 ALMA-09-039070UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.348 RHEL-09-631010UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.398 RHEL-10-701270UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
AIX7-00-001006 - If the AIX system is using LDAP for authentication or account information, the LDAP SSL, or TLS connection must require the server provide a certificate and this certificate must have a valid path to a trusted CA.UnixDISA IBM AIX 7.x STIG v3r2
ALMA-09-039070 - AlmaLinux OS 9, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
AOSX-13-000750 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.UnixDISA STIG Apple Mac OSX 10.15 v1r10