STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated 23 hours ago
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Microsoft Windows Server 2022 Security Technical Implementation Guide

V-254261

CAT II (Medium)

Windows Server 2022 must have software certificate installation files removed.

Rule ID

SV-254261r1210262_rule

STIG

Microsoft Windows Server 2022 Security Technical Implementation Guide

Version

V2R9

CCIs

CCI-000366

Discussion

Use of software certificates and their accompanying installation files for end users to access resources is less secure than the use of hardware-based certificates.

Check Content

Search all drives for *.p12 and *.pfx files.

If any files with these extensions exist, this is a finding.

This does not apply to server-based applications that have a requirement for .p12 or .pfx certificate files. Some applications create files with extensions of .p12 or .pfx that are not certificate installation files. Removal of noncertificate installation files from systems is not required. These must be documented with the information system security officer (ISSO).

Fix Text

Remove any certificate installation files (*.p12 and *.pfx) found on a system.

Note: This does not apply to server-based applications that have a requirement for .p12 or .pfx certificate files.