
CRY-12 Approved Certificate Authorities

Control Description

The organization restricts the use of digital certificates to those signed by approved certificate authorities; a certification path to an accepted trust anchor is established.

Theme

Technology

Type

Preventive

Policy/Standard

Key Management Policy

Implementation Guidance

1. Establish a process for executing periodic SSL tests to ensure that only digital certificates that are signed by approved certificate authorities are accepted.

Testing Procedure

1. Observe a sample of servers and review their SSL test.
2. Observe the SSL test and confirm that only digital certificates that are signed by approved certificate authorities are accepted.

Audit Artifacts

E-CRY-21

Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.
