The DataPower Gateway must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

| Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version | 
|---|---|---|---|---|---|---|
| medium | V-65187 | SRG-APP-000516-NDM-000344 | WSDP-NM-000141 | SV-79677r1_rule | 2017-10-05 | 1 | 

| Description |
|---|
| For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure cross-certified with the Federal Bridge Certification Authority at medium assurance or higher, this Certification Authority will suffice. | 

| Check |
|---|
| Go to Objects >> Crypto Configuration >> Crypto Certificate (for certs) or Crypto Key (for keys) to verify external keys/certs on the encrypted flash or FIPS 140-2 Level 3 HSM. If none exist, this is a finding. | 

| Fix |
|---|
| Go to Objects >> Crypto Configuration >> Crypto Certificate (for certs) or Crypto Key (for keys) to upload external keys/certs to the encrypted flash or FIPS 140-2 Level 3 HSM. |