STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide, Version: 1, Release: 2, Benchmark Date: 28 Apr 2017

The CA API Gateway providing user authentication intermediary services using PKI-based user authentication must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.

DISA Rule

SV-86061r1_rule

Vulnerability Number

V-71437

Group Title

SRG-NET-000345-ALG-000099

Rule Version

CAGW-GW-000640

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Open the CA API Gateway - Policy Manager, select "Tasks" from the main menu, and choose "Manage Certificates".

Click the "Certificate Validation" button and add a Revocation Check Policy in accordance with organizational requirements, making sure to select the "Continue processing if server is unavailable" check box within the policy.

If a policy has already been added, open an existing policy and select the "Continue processing if server is unavailable" check box.

Check Contents

Open the CA API Gateway - Policy Manager, select "Tasks" from the main menu, and choose "Manage Certificates".

Click the "Certificate Validation" button and verify there is at least one Policy in the list of Revocation Checking Policies.

Double-click one of the listed policies and verify the "Continue processing if server is unavailable" check box is checked.

If there is no policy listed or the "Continue processing if server is unavailable" check box is not selected within the revocation policy, this is a finding.

Documentable

False

Severity Override Guidance

Open the CA API Gateway - Policy Manager, select "Tasks" from the main menu, and choose "Manage Certificates".

Click the "Certificate Validation" button and verify there is at least one Policy in the list of Revocation Checking Policies.

Double-click one of the listed policies and verify the "Continue processing if server is unavailable" check box is checked.

If there is no policy listed or the "Continue processing if server is unavailable" check box is not selected within the revocation policy, this is a finding.

Check Content Reference

M

Target Key

3049
