Click on the link associated with the vendor
you selected in Step 2 for obtaining an
ECA/IECA certificate.
ECA
Operational Research
Consultants, Inc. (ORC)
IECA
Digital Signature Trust Co.
(DST)
VeriSign,
Inc.
For assistance with configuring applications to
use ECA/IECA certificates, go to the following website: https://www.dodpke.com/public/default.asp
Note: In order
to access all the resources on this site, you must go through a registration
process using an ECA/IECA identity certificate.
Relying Parties
Relying Parties – In order to verify digital signatures and
encrypt data, relying parties (applications) must ensure that certificates
presented to them have been signed by a trusted CA and have not been
revoked. Therefore, the following steps are necessary:
1) Each commercial DoD contractor, as a
relying party, must securely download the DoD Root CA certificates,
i.e. the DoD Class 3 Root CA certificate and the DoD Medium Assurance
Root CA certificate, which can be obtained at the following website:
http://dodpki.c3pki.chamb.disa.mil/rootca.html
(This will also provide you with all necessary DoD Intermediate CA certificates.)
This web link is configured to work best with
Netscape browsers. You can also use Microsoft Internet Explorer,
but after download you will have to use the "Certificate Manager Import
Wizard" under "Tools/Internet Options/Content/Certificates/Import" to
properly import the DoD Root CA certificates.
Note: During
the registration process, your IECA Vendor will provide you two thumbprints,
one for each of the DoD Root CA certificates. You must compare
these thumbprints with the thumbprints you will find on the DoD Root
CA certificates at the website provided above. This critical check
ensures that you are downloading and installing the true DoD Root CA
certificates.
2) Each commercial DoD contractor, as a
relying party, should configure their applications to check DoD CRLs.
3) DoD personnel, as relying parties,
must securely download all necessary ECA/IECA Root CA certificates,
which can be found at the IECA Vendor websites listed above.
4) DoD personnel, as relying parties,
should configure their applications to check ECA/IECA CRLs. For further
information on these CRLs, please go to the following link:
ECA/IECA CRL Configuration
|