From Remote Access Server STIG
Part of SRC-NET-040 Network devices - PKE
Associated with IA controls: ECSC-1
Network devices, RAS, and VPN gateways will not use proprietary digital certificates or self-signed mechanisms. These certificates are often generated by the manufacturer and are similar to default passwords. Additionally, DoD requires use of DoD-PKI rather than proprietary certificate structures.
View the vendor documentation or device configuration to verify that the device is capable of generating certificate-signing requests and using DoD-approved PKI digital certificates when available.
Ensure all devices which provide remote access services are capable of generating certificate-signing requests and using DoD-approved PKI digital certificates when available.
Lavender hyperlinks in small type off to the right (of CSS
id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header
Powered by sagemincer