HomeECA Certificate InstructionsGeneral InstructionsMedium Hardware and Medium Token Code Certificate Request Instructions

1.6. Medium Hardware and Medium Token Code Certificate Request Instructions

1. Requesting Certificate Process

a. Click the "Order Your Certificate" button on the navigation bar.

A browser check will be performed without any user intervention. If you do not have the correct browser, you will be diverted to a download browser page in which you can download the latest browsers in order to complete the request and use your certificate. If you have the correct browser you will be taken to "Trust the Root" page.

b. Follow the instructions on the "Trust the Root" page.

c. Choose which certificate to apply for.

d. Read the obligations page and accept the terms and conditions.

e. Fill out the electronic submission form.

f. Print out the User Enrollment form, and follow the directions on the page. See section 2: Verify Identity.

g. Send the User Enrollment Form via Certified Mail to one of the ORC branches below:

Operational Research Consultants
Attn: ECA RA
11250 Waples Mill
South Tower Suite 210
Fairfax, VA

h. Once the mail is received and the specific Enrollment form is verified, a certificate will be generated and an email will arrive in your inbox. There will be a link to access your certificate and you must furnish the password in which you used to retrieve the certificate. See section 3: Accept Certificate.

i. After successfully supplying the password, your certificate will be added to your web browser so that you can access your certificate for its specific functions.

2. Verify Identity

A. Individual and Encryption ECA Certificates - Unaffiliated Individuals (members of the general public) may be authenticated through an electronically submitted application or by personal presence. The ORC CA shall verify all of the following identification information supplied by the applicant: first name, middle initial, last name, date of birth, current address (number, street, city and ZIP code), and telephone number. Subscriber identification must be confirmed via a GSA-approved identity-proofing process that incorporates the following factors:

Submission by the applicant of at least three individual identity items, which must be verified by multiple independent data sources along with cross-checks for consistency. For example:

Red Arrow Bullet Alien Registration number.
Red Arrow Bullet Passport number.
Red Arrow Bullet Current employer name, address (number, street, city, ZIP code), and telephone number.
Red Arrow Bullet Currently valid state-issued driver's license number or state-issued identification card number.
Red Arrow Bullet Social Security number.
Notary Public - If you decide to go to a Notary Public for identification verification, you must take the forms generated during the certificate request process and present them along with a three of the above listed identity items, at least one of which must be a photo ID, for Notary Public validation. Upon completion, you must submit the notarized forms with a photocopy of the front and back of the photo IDs used to validate identity along with proof of organizational affiliation via certified mail to the ORC CA.


B. Request Authorization to receive a Code Signing Certificate

Red Arrow Bullet The applicant's individual identity as specified above in Section A.
Red Arrow Bullet That the applicant is a duly authorized representative of the Sponsoring Organization as an employee, partner, member, agent, or other association.

Red Arrow Bullet The Code Signing Attribute Authority (CSAA), a duly appointed signature authority for the organization who authorizes applications or individuals for code signing certificates for the designated organization, will send a signed "Proof of Organizational Affiliation and Authorization for Code Signing" letter to the RA authorizing the code signer to receive a code signing certificate. The "Proof of Organizational Affiliation and Authorization for Code Signing" letter can be either a hard copy with an ink signature or an electronic copy that is digitally signed. If the letter is digitally signed, the certificate used to digitally sign the electronic copy must be a DoD Class 3 or higher certificate. Please see Step 3 for the address to send the signed "Proof of Organizational Affiliation and Authorization for Code Signing" letter.

3. Accept Certificate

a. Notification - Upon successful completion of the identification and authentication process, the ORC CA shall create the requested ECA Certificate, and notify you via email that your certificate is ready.

b. Acceptance - To accept the certificate, click on the link that was provided in the email to access the certificate retreival page. You shall indicate acceptance or rejection of the ECA Certificate to the ORC CA. By accepting the ECA Certificate, you are warranting that all information and representations made and included in the ECA Certificate are true. The acceptance agreement shall include the subscriber obligations.

c. Acknowledgement - You shall print a copy of the notification email, sign it, and mail the signed document to the ORC ECA CAA (Certificate Authority Administrator).

IMPORTANT: If you do not provide this verification notice, or if you are found to have acted in a manner counter to these obligations, the Certificate shall be revoked, and you will forfeit all claims against the ORC ECA CA infrastructure in the event of a dispute arising from failure to fulfill the obligations above.


This page was: Helpful | Not Helpful