SV-219321r610963_rule
V-219321
SRG-OS-000403-GPOS-00182
UBTU-18-010436
CAT II
10
Add at least one DOD certificate authority to the '/usr/local/share/ca-certificates' directory, then run the 'update-ca-certificates' command.
Verify the directory containing the root certificates for the Ubuntu operating system only contains certificate files for DoD PKI-established certificate authorities by iterating over all files in the '/etc/ssl/certs' directory and checking if, at least one, has the subject matching "DOD ROOT CA".
If none is found, this is a finding.
V-219321
False
UBTU-18-010436
Verify the directory containing the root certificates for the Ubuntu operating system only contains certificate files for DoD PKI-established certificate authorities by iterating over all files in the '/etc/ssl/certs' directory and checking if, at least one, has the subject matching "DOD ROOT CA".
If none is found, this is a finding.
M
4055