• Home
• PKI Information

PKI Information

A Department Of Defense (DoD) PKI Certificate is required to access all PDREP applications. Contractors are also required to obtain and use a PKI certificate.
To determine if you have a valid DoD PKI Certificate.

All DoD employees (military and Civilian) and non-DOD Contractors (private industry partners) are required to use a valid DoD PKI Certificate to access PDREP.

In accordance with DOD Instruction 8520.02:

PURPOSE

This Instruction

Reissues DoD Instruction (DoDI) 8520.2 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.1 (Reference (b)) to establish and implement policy, assign responsibilities, and prescribe procedures for developing and implementing a DoD-wide PKI and enhancing the security of DoD information systems by enabling these systems to use PKI for authentication, digital signatures, and encryption.

Applicability

(3) All users accessing unclassified and classified DoD information systems (e.g., DoD web-based systems, DoD websites, DoD web servers) and networks (e.g., NIPRNET, SIPRNET, DREN, SDREN).

POLICY

It is DoD policy that:
The DoD shall implement a DoD-wide PKI to maintain the certificate lifecycle, including, but not limited to, issuance, suspension, and revocation. The DoD shall issue certificates to DoD PKI Certificate Eligible Users in accordance with "United States Department of Defense X.509 Certificate Policy" (Reference (j)). The DoD PKI also shall support requirements for group, role, information systems, device, and code signing certificates. The DoD PKI shall provide first and third party key recovery for private keys associated with encryption certificates.

The DoD shall only rely on certificates that are issued by the DoD PKI or by a DoD-approved PKI for authentication, digital signature, or encryption. External PKIs are approved for use by the ASD(NII)/DoD CIO. The process for recommending approval for external PKIs is outlined in the DoD External Interoperability Plan (Reference (l)). DoD mission partners shall use certificates issued by the DoD External Certification Authority (ECA) program or a DoD-approved PKI, when interacting with the DoD in unclassified domains. DoD ECA PKI and External PKI certificates are not used in the DoD classified domain.

External Certificate Authority:
External Certificate Authorities (ECAs) provide digital certificates to non-DOD Contractors (private industry partners) using their own equipment.

Approved ECA vendors:
“The appearance of hyperlinks does not constitute endorsement by the Department of Defense of non-U.S. Government sites or the information, products, or services contained therein. Although the Department of Defense may or may not use these sites as additional distribution channels for Department of Defense information, it does not exercise editorial control over all of the information that you may find at these locations. Such links are provided consistent with the stated purpose of this website.”

• Operational Research Consultants, Inc. (ORC)
• IdenTrust