External Certificate Authority

Select a Certificate

Select a certificate type below.

Note 1: You must first electronically submit your request for an Identity Certificate, prior to requesting an Encryption or Mobile Code Signing Certificate.

	Medium Assurance Identity Certificate

	A certificate that a person uses to authenticate to a PKI-enabled application, such as a secure web site. Identity certificates may be used for non-repudiation purposes, i.e., transactions that have been signed by an identity certificate may be legally linked to the owner of that certificate. The certificate may also be used for secure and authenticated email. For certificate costs please see the Certificate Pricing link in the left menu.

	Medium Assurance Encryption Certificate (See NOTE 1 above)

	A certificate that may be used for encrypting e-mail. When encrypting e-mail messages, the sender uses the certificate of the recipient(s), and the recipient decrypts the message using his or her private key. For certificate costs please see the Certificate Pricing link in the left menu.

	Component/Server Certificate

	A certificate that a computer on a network, usually a web server, uses to identify itself to other computers. It also includes the public key, which is required in order for web browsers to set up a secure encrypted connection with the server. Any web server that offers secure connections (https, SSL, or TLS) must have a server certificate. For certificate costs please see the Certificate Pricing link in the left menu.

	Mobile Code Signing Certificate

	A certificate used for signing mobile code that resides on a web server. This certificate is used to sign mobile code that is downloaded from a web server by users. Users can validate the certificate used to sign the mobile code and determine whether to trust it. For certificate costs please see the Certificate Pricing link in the left menu.

	Medium Token Assurance Identity Certificate

	This certificate is intended for all applications operating in environments appropriate for medium assurance but which require a higher degree of technical non-repudiation based on the relying party’s assessment. A certificate that a person uses to authenticate to a PKI-enabled application, such as a secure web site. Identity certificates may be used for non-repudiation purposes, (i.e., transactions that have been signed by an identity certificate.) may be legally linked to the owner of that certificate. The certificate may also be used for secure and authenticated email. For certificate costs please see the Certificate Pricing link in the left menu.

	Medium Token Assurance Encryption Certificate (See NOTE 1 above)

	This certificate is intended for all applications operating in environments appropriate for medium assurance but which require a higher degree of technical non-repudiation based on the relying party’s assessment. A certificate that may be used for encrypting e-mail. When encrypting e-mail messages, the sender uses the certificate of the recipient(s), and the recipient decrypts the message using his or her private key. For certificate costs please see the Certificate Pricing link in the left menu.

	Medium Hardware Assurance Identity Certificate

	This certificate is intended for all applications operating in environments appropriate for medium assurance but which require a higher degree of assurance and technical non-repudiation based on the relying party’s assessment. A certificate that a person uses to authenticate to a PKI-enabled application, such as a secure web site. Identity certificates may be used for non-repudiation purposes, (i.e., transactions that have been signed by an identity certificate.) may be legally linked to the owner of that certificate. The certificate may also be used for secure and authenticated email. For certificate costs please see the Certificate Pricing link in the left menu.

Note: The issuance of ECA Medium Hardware certificates requires that the certificate keys be generated in front of a duly designated ORC representative, such as a Registration Authority (RA) or Local Registration Authority (LRA). This will require that you do one of the following: Come to an ORC facility (located in Fairfax or Chesapeake, Virginia) to create the certificate requests in the presence of an RA. Your company may also designate employees to be trained as a duly designated ORC representative (LRAs) and perform this function at your facilities. ORC has partnered with Florida-Georgia Consultants, LLC to act as our LRAs to perform this function for our customers at the customer locations. You may visit their website at: http://fanglinc.com or contact them by phone (904-778-3166) to see if they can assist you.

	Medium Hardware Assurance Encryption Certificate (See NOTE 1 above)

	This certificate is intended for all applications operating in environments appropriate for medium assurance but which require a higher degree of assurance and technical non-repudiation based on the relying party’s assessment. A certificate that may be used for encrypting e-mail. When encrypting e-mail messages, the sender uses the certificate of the recipient(s), and the recipient decrypts the message using his or her private key. For certificate costs please see the Certificate Pricing link in the left menu.

Order Your Cryptographic Tokens

When requesting and receiving either their Medium Token Assurance, Medium Hardware Identity Certificate or Medium Hardware Assurance Encryption Certificate, Subscribers shall use cryptographic tokens that have been verified to meet with FIPS 140 Level 2.

To Order a Cryptographic Token and/or schedule a time to meet with an RA, please contact ORC at 1-800-816-5548, 7:30 AM to 7:30 PM Eastern Standard Time or e-mail ecahelp@orc.com..

You can also come to our ORC Fairfax Office located at 11250 Waples Mill Rd, Suite 210, South Tower to purchase your token, and request your Hardware Certificate in the presence of an RA.