Category I: U.S. Federal Agency PKIs

Note: Possession of a valid approved partner PKI certificate, as demonstrated by successful PKI authentication, provides assured identification of the user.  A separate authorization decision verifying that the identified user should have access to the requested content should be made before providing access to DoD information systems.

See the DoD PKI External Interoperability FAQ for more information on DoD approved partner PKI credentials.

Department of State PKI

Current Certification Authorities (CAs) DetailsSee Section 4.2.3 of DoD Approved External PKIs Master Document
Current CA CertificatesSee Department_of_State folder in DoD Approved External PKI Certificate Trust Chains zip
Approved Certificate Assurance Levels*See Section 5.6 of DoD Approved External PKIs Master Document
Certificate Revocation List (CRL) Distribution Points**See Department of State section of DoD Approved External CRL Distribution Points (CRLDPs)
Online Certificate Status Protocol (OCSP) Responder URL(s)**See Department of State section of DoD Approved External OCSP URLs
Agencies SupportedSee agencies with a Federal PKI Shared Service Provider of Department of State at https://playbooks.idmanagement.gov/fpki/pivcas-and-agencies/
Performs CA Rekeys?Yes

*As represented by OIDs listed in the Certificate Policies extension of the partner certificate; a certificate must assert at least one approved assurance level to be acceptable for use.

**Note:  These lists are developed and maintained by DoD PKE based on CRLDP and AIA OCSP values asserted in sample certificates provided to DoD by the partner PKI for testing; they are provided for ease of reference and may not be exhaustive in all cases.  Any CRL URL asserted in a CRLDP extension or OCSP URL asserted in an AIA extension of an approved certificate is approved for use by DoD relying parties.

  Title Size Updated
DoD Approved External CRL Distribution Points (CRLDPs) - Version 1.21 DoD Approved External CRL Distribution Points (CRLDPs) - Version 1.21
7.14 KB 2024 12 09
DoD Approved External OCSP URLs - Version 1.19 DoD Approved External OCSP URLs - Version 1.19
3.46 KB 2024 12 09
DoD Approved External PKIs Types 5 & 6 Certificate Trust Chains (Foreign, Allied, Coalition Partner and Other PKIs) - Version 1.5 DoD Approved External PKIs Types 5 & 6 Certificate Trust Chains (Foreign, Allied, Coalition Partner and Other PKIs) - Version 1.5
28.58 KB 2024 12 09
DoD Approved External PKIs Types 3 & 4 Certificate Trust Chains (Non Federal Issuers) - Version 1.18 DoD Approved External PKIs Types 3 & 4 Certificate Trust Chains (Non Federal Issuers) - Version 1.18
76.84 KB 2024 12 09
DoD Approved External PKIs Types 1 & 2 Certificate Trust Chains (Federal Agencies) - Version 1.13 DoD Approved External PKIs Types 1 & 2 Certificate Trust Chains (Federal Agencies) - Version 1.13
81.35 KB 2024 12 09
  DoD Approved External PKIs Master Document - Version 11.2 DoD Approved External PKIs Master Document - Version 11.2
This document provides Certification Authority (CA) certificate trust chain and assurance level information for all Department of Defense (DoD) approved Public Key Infrastructures (PKIs).
1.1 MB 2024 12 09
  DoD Approved External PKI Certificate Trust Chains - Version 11.2 DoD Approved External PKI Certificate Trust Chains - Version 11.2
This zip file contains certificate trust chains for DoD Approved External PKIs.
245.25 KB 2024 12 09