ECA Medium Assurance, ECA Medium Token Assurance, and ECA Medium Hardware Assurance Requests

Step 1 | Select A Certificate Type

Medium Assurance

  • Easy online request process for either 1- or 3-year certificates
  • Software only; no hardware needed. Installs into Window Certificate Stores can be used with ALL browsers
  • An ECA certificate pair is used for:
    • Identity Certificate: accessing websites and digitally signing emails, PDFs, and other documents, to include electronic notarizations
    • Encryption Certificate: exchanging encrypted emails

Jump to Instructions

Medium Token Assurance

  • Necessary hardware and software delivered right to your door
  • Your choice of USB token or smart card hardware
  • Option for 1- or 3-year certificates
  • If  you do NOT have hardware/software items already STOP and send an e-mail to pkiorders@orc.com
  • An ECA certificate pair is used for:
    • Identity Certificate: accessing websites and digitally signing emails, PDFs, and other documents, to include electronic notarizations
    • Encryption Certificate: exchanging encrypted emails

Jump to Instructions

Medium Hardware Assurance

  • While-you-wait issuance of 1- or 3-year Medium-Hardware identity/encryption certificates is available at WidePoint-ORC offices in Fairfax or Hampton Virginia. Only available in VA at this time.
  • If you bring the necessary documents, you leave with fully functional certificates on either a smartcard or cryptographic token and card reader software.
  • The highest assurance level ECA certificates—Nearly equivalent to the certificates on the DOD CAC
  • If  you do NOT have hardware/software items already STOP and send an e-mail to pkiorders@orc.com
  • An ECA certificate pair is used for:
    • Identity Certificate: accessing websites and digitally signing emails, PDFs, and other documents, to include electronic notarizations
    • Encryption Certificate: exchanging encrypted emails

Jump to Instructions

A Few Notes

The issuance of WidePoint-ORC ECA Medium Hardware Assurance Certificates requires that the certificate keys be generated in front of a duly designated WidePoint-ORC representative, such as a Registration Authority (RA) or Local Registration Authority(LRA).

This will require that you do one of the following:

  • Come to a WidePoint-ORC facilities (located in Fairfax or Hampton Virginia) to create the certificate requests in the presence of an RA.
  • Your company may also designate employees to be trained as duly designated WidePoint-ORC representative (LRAs) and perform this function at your facilities.
  • If  you do NOT have hardware/software items already STOP and send an e-mail to pkiorders@orc.com

If you are in the presence of a duly designated WidePoint-ORC representative, such as a Registration Authority (RA) or a Local Registration Authority (LRA), you may make your certificate request now.

  • If  you do NOT have hardware/software items already STOP and send an e-mail to pkiorders@orc.com

Step 2 | Read The Instructions

Medium Assurance
Instructions

IMPORTANT: You must perform the online application for yourself, in your own name. You may NOT make an Online Application for another individual. This is grounds for immediate revocation of the certificate, and any fees paid will not be returned.

  • A workstation with a FIPS 140-1/2 Level 1 cryptographic compliant web browser is required. You may use Edge, Chrome, or Firefox to make the certificate request.

The DoD ECA Certificate Policy requires all Subscribers to protect their certificate private keys from unauthorized use. If you forget your certificate password, you will be required to purchase a new certificate.

Medium Token Assurance
Instructions

IMPORTANT: You must perform the online application for yourself, in your own name. You may NOT make an Online Application for another individual. This is grounds for immediate revocation of the certificate, and any fees paid will not be returned.

You must be in possession of a cryptographic device that meets the FIPS 140 Level 2 standard. You must be able to write certificates to this cryptographic device. You may purchase cryptographic devices and required middleware from WidePoint-ORC. WidePoint-ORC will not support middleware or cryptographic equipment obtained elsewhere.

  • A workstation with a FIPS 140-1/2 Level 1 cryptographic compliant web browser is required. You may use Edge, Chrome, or Firefox to make the certificate request.

The DoD ECA Certificate Policy requires all Subscribers to protect their certificate private keys from unauthorized use. WidePoint-ORC will not know this password/PIN. If you forget your certificate password/PIN and do NOT have your UNLOCK Code you will be required to purchase a new certificate along with a NEW device.

Medium Hardware Assurance
Instructions

IMPORTANT: You must perform the online application for yourself, in your own name. You may NOT make an Online Application for another individual. This is grounds for immediate revocation of the certificate, and any fees paid will not be returned.

You must be in possession of a cryptographic device that meets the FIPS 140 Level 2 standard. You must be able to write certificates to this cryptographic device. You may purchase cryptographic devices and required middleware from WidePoint-ORC. WidePoint-ORC will not support middleware or cryptographic equipment obtained elsewhere.

If you are in the presence of a duly designated WidePoint-ORC representative, such as a Registration Authority (RA) or a Local Registration Authority (LRA), you may make your certificate request now.

  • A workstation with a FIPS 140-1/2 Level 1 cryptographic compliant web browser is required. You may use Edge, Chrome, or Firefox to make the certificate request.

The DoD ECA Certificate Policy requires all Subscribers to protect their certificate private keys from unauthorized use. WidePoint-ORC will not know this password/PIN. If you forget your certificate password/PIN and do NOT have your UNLOCK Code you will be required to purchase a new certificate along with a NEW device.

Step 3 | Gather the Required Documents

Users MUST attach photocopies of the following items to the request forms:

  • Two photo IDs, one of which must be a current and valid, Government-Issued Photo ID
  • Proof of Citizenship
  • Signed Organizational Affiliation Letter or copy of organizational photo ID that meets all the requirements

Step 4 | Trust the Certificate Authorities

The Trust procedure below may have been performed IF you’re a returning customer when you obtained your previous Identity Certificate. All NEW users must trust the certificate trust chain before applying. The trust procedure must be performed on every computer where ECA certificates will be used.

Two Ways to Trust Certificate Trust Chain:

  • Quick Method: Trust your device quickly and easily using InstallRoot. Click here for instructions on download and running the tool.
  • Manual Method: If you prefer the manual method, you can visit the ECA Repository page and download all of the ECA Root Certificates and the WidePoint/ORC ECA Signing Certificates.

Step 5 | Proceed to Our Secure Portal

New Users

If you have NOT created an account with us, click below to proceed.

Create An Account

Returning Users

If you do have an account with us already, click below to access your account.

Access Your Account