Medium Assurance

• Easy online request process for either 1- or 3-year certificates
• Software only; no hardware needed. Installs into Window Certificate Stores can be used with ALL browsers
• An ECA certificate pair is used for:
  • Identity Certificate: accessing websites and digitally signing emails, PDFs, and other documents, to include electronic notarizations
  • Encryption Certificate: exchanging encrypted emails

Jump to Instructions

Medium Hardware Assurance

• While-you-wait issuance of 1- or 3-year Medium-Hardware identity/encryption certificates is available at WidePoint-ORC offices in Fairfax or Hampton Virginia. Only available in VA at this time.
• If you bring the necessary documents, you leave with fully functional certificates on either a smartcard or cryptographic token and card reader software.
• The highest assurance level ECA certificates—Nearly equivalent to the certificates on the DOD CAC
• If  you do NOT have hardware/software items already STOP and send an e-mail to wcsc.helpdesk@widepoint.com
• An ECA certificate pair is used for:
  • Identity Certificate: accessing websites and digitally signing emails, PDFs, and other documents, to include electronic notarizations
  • Encryption Certificate: exchanging encrypted emails

Jump to Instructions

IMPORTANT: You must perform the online application for yourself, in your own name. You may NOT make an Online Application for another individual. This is grounds for immediate revocation of the certificate, and any fees paid will not be returned.

• A workstation with a FIPS 140-1/2 Level 1 cryptographic compliant web browser is required. You may use Edge, Chrome, or Firefox to make the certificate request.

The DoD ECA Certificate Policy requires all Subscribers to protect their certificate private keys from unauthorized use. If you forget your certificate password, you will be required to purchase a new certificate.

IMPORTANT: You must perform the online application for yourself, in your own name. You may NOT make an Online Application for another individual. This is grounds for immediate revocation of the certificate, and any fees paid will not be returned.

You must be in possession of a cryptographic device that meets the FIPS 140 Level 2 standard. You must be able to write certificates to this cryptographic device. You may purchase cryptographic devices and required middleware from WidePoint-ORC. WidePoint-ORC will not support middleware or cryptographic equipment obtained elsewhere.

If you are in the presence of a duly designated WidePoint-ORC representative, such as a Registration Authority (RA) or a Local Registration Authority (LRA), you may make your certificate request now.

• A workstation with a FIPS 140-1/2 Level 1 cryptographic compliant web browser is required. You may use Edge, Chrome, or Firefox to make the certificate request.

The DoD ECA Certificate Policy requires all Subscribers to protect their certificate private keys from unauthorized use. WidePoint-ORC will not know this password/PIN. If you forget your certificate password/PIN and do NOT have your UNLOCK Code you will be required to purchase a new certificate along with a NEW device.

The Trust procedure below may have been performed IF you’re a returning customer when you obtained your previous Identity Certificate. All NEW users must trust the certificate trust chain before applying. The trust procedure must be performed on every computer where ECA certificates will be used.

Two Ways to Trust Certificate Trust Chain:

• Quick Method: Trust your device quickly and easily using InstallRoot. Click here for instructions on download and running the tool.
• Manual Method: If you prefer the manual method, you can visit the ECA Repository page and download all of the ECA Root Certificates and the WidePoint/ORC ECA Signing Certificates.