Information Technology


Digital Certificates

Due to the sunsetting of the General Services Administration (GSA) Access Certificates for Electronic Services (ACES) Program, digital certificates used to sign documents submitted to The Department of Transportation must be acquired from a Public Key Infrastructure (PKI) approved provider on the Business Identity and Credentials section of the GSA IDManagement.gov Trust Services List.

Certificates issued prior to August 1, 2018 from a vendor that was previously on FDOT’s approved list, but not on the current PKI approved provider list, will be accepted through their expiration date. This currently includes GlobalSign and Cybertrust/Verizon.

Documents signed by the Federal Government (FHWA, Army Corps of Engineers, etc.) must utilize digital certificates from an approved provider on the Government Identity and Credentials section of the GSA IDManagement.gov Trust Services List, including DigiCert Federal Shared Service Provider (formerly Symantec) and Verizon/Cybertrust Federal Shared Service Provider.

 

Root certificates are required for proper digital signature validation. If you are missing certificates, digital signatures may not appear valid. Look at the digital signature properties to determine which certificates are needed and download them from the digital signature authority.
Identrust: https://www.identrust.com/support/downloads
Digicert: https://www.digicert.com/digicert-root-certificates.htm
Entrust: https://www.entrustdatacard.com/knowledgebase/entrust-root-certificates


Effective: February 4, 2019 Updated: March 25, 2020