Configure root certificate clean upID: oval:org.secpod.oval:def:19370 | Date: (C)2014-05-29 (M)2023-07-14 |
Class: COMPLIANCE | Family: windows |
The Configure root certificate clean up machine setting should be configured correctly.
This policy setting allows you to manage the clean up behavior of root certificates. If you enable this policy setting then root certificate cleanup will occur according to the option selected. If you disable or do not configure this setting then root certificate clean up will occur on log off.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Smart Card\Configure root certificate clean up
(2) KEY: HKLM\SOFTWARE\Policies\Microsoft\Windows\CertProp\RootCertificateCleanupOption
Platform: |
Microsoft Windows Server 2008 R2 |