| RHEL-08-010090 | V1R6 | RHEL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| SLES-15-010170 | V1R4 | The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| WN19-DC-000280 | V3R1 | Windows Server 2019 domain controllers must have a PKI server certificate. | |
| WN19-DC-000290 | V3R1 | Windows Server 2019 domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | |
| WN19-DC-000300 | V3R1 | Windows Server 2019 PKI certificates associated with user accounts must be issued by a DoD PKI or an approved External Certificate Authority (ECA). | |
| WN19-PK-000010 | V3R1 | Windows Server 2019 must have the DoD Root Certificate Authority (CA) certificates installed in the Trusted Root Store. | |
| WN19-PK-000020 | V3R1 | Windows Server 2019 must have the DoD Interoperability Root Certificate Authority (CA) cross-certificates installed in the Untrusted Certificates Store on unclassified systems. | |
| WN19-PK-000030 | V3R1 | Windows Server 2019 must have the US DoD CCEB Interoperability Root CA cross-certificates in the Untrusted Certificates Store on unclassified systems. | |
| UBTU-18-010425 | V2R12 | The Ubuntu operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| UBTU-20-010060 | V1R6 | The Ubuntu operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| APPL-14-001060 | V1R1 | The macOS system must set smart card certificate trust to moderate. | |
| APPL-13-003001 | V1R5 | The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | |
| SLES-12-030530 | V3R1 | The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| APPL-15-001060 | V1R1 | The macOS system must set smart card certificate trust to moderate. | |
| OL08-00-010090 | V1R6 | OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| OL09-00-000900 | V1R1 | OL 9, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| UBTU-24-400360 | V1R1 | Ubuntu 24.04 LTS, for PKI-based authentication, SSSD must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| UBTU-24-400375 | V1R1 | Ubuntu 24.04 LTS, for PKI-based authentication, Privileged Access Management (PAM) must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| UBTU-22-612030 | V1R1 | Ubuntu 22.04 LTS, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| WN11-PK-000005 | V1R6 | The DoD Root CA certificates must be installed in the Trusted Root Store. | |
| WN11-PK-000010 | V1R6 | The External Root CA certificates must be installed in the Trusted Root Store on unclassified systems. | |
| WN11-PK-000015 | V1R6 | The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems. | |
| RHEL-09-631010 | V2R5 | RHEL 9, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | |
| WN10-PK-000005 | V3R1 | The DoD Root CA certificates must be installed in the Trusted Root Store. | |
| WN10-PK-000010 | V3R1 | The External Root CA certificates must be installed in the Trusted Root Store on unclassified systems. | |
| WN10-PK-000015 | V3R1 | The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems. | |
| WN10-PK-000020 | V3R1 | The US DoD CCEB Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems. | |
| WN16-DC-000280 | V2R9 | Domain controllers must have a PKI server certificate. | |
| WN16-DC-000290 | V2R9 | Domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | |
| WN16-DC-000300 | V2R9 | PKI certificates associated with user accounts must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | |
| WN16-PK-000010 | V2R9 | The DoD Root CA certificates must be installed in the Trusted Root Store. | |
| WN16-PK-000020 | V2R9 | The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems. | |
| WN16-PK-000030 | V2R9 | The US DoD CCEB Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems. | |
| WN22-DC-000280 | V2R5 | Windows Server 2022 domain controllers must have a PKI server certificate. | |
| WN22-DC-000290 | V2R5 | Windows Server 2022 domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | |
| WN22-DC-000300 | V2R5 | Windows Server 2022 PKI certificates associated with user accounts must be issued by a DoD PKI or an approved External Certificate Authority (ECA). | |
| WN22-PK-000010 | V2R5 | Windows Server 2022 must have the DoD Root Certificate Authority (CA) certificates installed in the Trusted Root Store. | |
| WN22-PK-000020 | V2R5 | Windows Server 2022 must have the DoD Interoperability Root Certificate Authority (CA) cross-certificates installed in the Untrusted Certificates Store on unclassified systems. | |
| WN22-PK-000030 | V2R5 | Windows Server 2022 must have the US DOD CCEB Interoperability Root CA cross-certificates in the Untrusted Certificates Store on unclassified systems. | |