AlmaLinux OS 9 must have the openssl-pkcs11 package installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-269373 | ALMA-09-034010 | SV-269373r1050256_rule | Medium |
| Description |
| The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DOD has mandated the use of the CAC to support identity management and personal authentication for systems covered under Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a primary component of layered protection for national security systems. Satisfies: SRG-OS-000377-GPOS-00162, SRG-OS-000376-GPOS-00161, SRG-OS-000375-GPOS-00160, SRG-OS-000105-GPOS-00052 |
| STIG | Date |
| CloudLinux AlmaLinux OS 9 Security Technical Implementation Guide | 2025-05-22 |
Details
| Check Text (C-73404r1049572_chk) |
| Note: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is Not Applicable. Verify that AlmaLinux OS 9 has the openssl-pkcs11 package installed with the following command: $ dnf list --installed openssl-pkcs11 Installed Packages openssl-pkcs11.x86_64 0.4.11-7.el9 @baseos If the "openssl-pkcs11" package is not installed, this is a finding. |
| Fix Text (F-73305r1048496_fix) |
| The openssl-pkcs11 package can be installed with the following command: $ dnf install openssl-pkcs11 |