Trust Center Installation with DISA STIGs

Virtual machines and physical servers are commonly deployed with a set of security policies/configurations applied, based on the US DoD's Security Technical Implementation Guides (STIGs). This environment enforces additional security controls, such as file access policies.

To run the Trust Center installer in version 24.10, manual configuration of the fapolicyd directive was necessary. With version 25.03, this daemon is included in the DISA STIG policy set. As a result, the fapolicyd directive is automatically configured when the Trust Center is installed using the trust-center-ctl command. When upgrading to version 25.03, the Trust Center will automatically ensure the correct configuration without manual intervention.

Installation Steps

1. Edit /etc/yum.conf and disable the local package GPG signature check requirement:

   localpkg_gpgcheck=0

2. Install the Trust Center. Follow the instructions in the topic suited that apply to your scenario:

3. Single-Node Installation

4. Dark Site Installation
5. Upgrading
6. Dark Site Upgrade