Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Pardon our Dust.

Welcome to the new site for Federal Identity, Credential, and Access Management (FICAM) Playbooks! We are consolidating all existing FICAM and Federal Public Key Infrastructure (FPKI) playbooks to this new page to help you find answers and content faster. Please bookmark this URL for future reference.

Federal Common and Federal Bridge

This page lists the endpoints to retrieve the certificates and certificate revocation lists (CRLs) for the infrastructure CAs. We are working on compiling and adding information for ALL CAs currently in the Federal PKI.

When downloading any certificate file from the list below, please verify the thumbprint (hash) on the downloaded file. You can verify the hash using standard utilities on operating systems.

Federal Common Policy CA G2

Federal Common Policy CA G2 Information
Federal Common Policy CA G2 Root Certificate http://repo.fpki.gov/fcpca/fcpcag2.crt
Distinguished Name cn=Federal Common Policy CA G2, ou=FPKI, o=U.S. Government, c=US
sha1 Thumbprint 99 B4 25 1E 2E EE 05 D8 29 2E 83 97 A9 01 65 29 3D 11 60 28
Certificate Revocation List http://repo.fpki.gov/fcpca/fcpcag2.crl
P7C file - Issued By http://repo.fpki.gov/fcpca/caCertsIssuedByfcpcag2.p7c
P7C file - Issued To http://repo.fpki.gov/fcpca/caCertsIssuedTofcpcag2.p7c

Federal Common Policy CA

Federal Common Policy CA Information
Federal Common Policy CA Root Certificate http://http.fpki.gov/fcpca/fcpca.crt
Distinguished Name cn=Federal Common Policy CA, ou=FPKI, o=U.S. Government, c=US
sha1 Thumbprint 90 5f 94 2f d9 f2 8f 67 9b 37 81 80 fd 4f 84 63 47 f6 45 c1
Certificate Revocation List http://http.fpki.gov/fcpca/fcpca.crl
P7C file - Issued By http://http.fpki.gov/fcpca/caCertsIssuedByfcpca.p7c
P7C file - Issued To http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c

Federal Bridge CA G4

Federal Bridge CA G4 Information
Certificate Revocation List http://repo.fpki.gov/bridge/fbcag4.crl
P7C file - Issued By http://repo.fpki.gov/bridge/caCertsIssuedByfbcag4.p7c
P7C file - Issued To http://repo.fpki.gov/bridge/caCertsIssuedTofbcag4.p7c

Verify a hash

You can verify the hash on files, including certificate files, using common utilities on operating systems. Examples:

		certutil -hashfile <filename>.crt SHA1
		openssl dgst -sha1 <filename>.crt
		sha1sum <filename>.crt