Edit this page

Federal Common Policy CA Update

The Federal Government recently deployed the Federal Common Policy CA (FCPCA) G2, a new Federal Public Key Infrastructure (FPKI) root Certification Authority (CA). As the existing Federal Common Policy CA reaches the end of its planned service life, FCPCA G2 will roll out incrementally and serve as the new trust anchor for the Federal PKI. Below, you’ll find important dates and steps for a successful operational transition to the FCPCA G2 trust anchor.

This change affects all federal agencies and the following services:

  • Personal Identity Verification (PIV) credential authentication to government networks
  • Agency web applications implementing client authentication (for example, PIV authentication)
  • User digital signatures that leverage PIV or similar credentials
  • Other applications leveraging the Federal Common Policy CA as a root CA

Federal enterprises and other relying party organizations should plan for this transition and test interoperability in advance of implementing changes in their production IT environments.

Recommended steps to complete by December 31st, 2020:

  1. Prepare to migrate to the Federal Common Policy CA G2
  2. Obtain and verify a copy of the Federal Common Policy CA G2 certificate
  3. Distribute the certificate to operating systems
  4. Verify operating system distribution
  5. Distribute the certificate to applications
  6. Distribute the CA certificates issued by the Federal Common Policy CA G2 (optional)

Recommended steps to complete by April 20th, 2021:

  1. Migrate to the Federal Common Policy CA G2
  2. Verify migration to the Federal Common Policy CA G2

Need Help?

View the Frequently Asked Questions page for more information, or email us at fpkirootupdate@gsa.gov.