RHEL 9 must have the nss-tools package installed.

STIG ID: RHEL-09-215085  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-257840

Vulnerability Discussion

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Install the "nss-tools" package to install command-line tools to manipulate the NSS certificate and key database.

Check

Verify that RHEL 9 has the nss-tools package installed with the following command:

$ dnf list --installed nss-tools

Example output:

nss-tools.x86_64 3.71.0-7.el9

If the "nss-tools" package is not installed, this is a finding.

Fix

The nss-tools package can be installed with the following command:

$ sudo dnf install nss-tools