Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal Government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a Federal Government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

FCPCA SIA LDAP Decommissioning

The FPKIMA team will be taking action to reduce unnecessary external activity on their repositories in order to avert potential negative impacts to availability.

Plan of Action: The FPKIMA team is turning off its sole remaining LDAP repository services on 10/12/2022, this only impacts the SIA repository for the old Federal Common Policy CA (FCPCA) root.

Mitigating Factors: The proposed action should not impact FPKI relying parties, provided they are properly configured to validate end entity certificates up to the Federal Common Policy CA G2 (FCPCAG2). This action is further reinforced given the following considerations:

  • The associated HTTP repository is still available - http://http.fpki.gov/fcpca/caCertsIssuedByfcpca.p7c
  • LDAP support was deprecated in 2013, and the last certificate issued by the old FCPCA with an FPKI LDAP URI expired in 2020
  • The old FCPCA Self-signed root certificate expires in 2030 and contains one LDAP URI in the SIA to a Directory entry that contains no certificates

As a result, of these mitigating factors, there should be no impacts to any relying parties that have successfully migrated to the FCPCAG2 trust anchor, nor is there an ability to dynamically conduct full path discovery and validation of an end entity certificate to the old FCPCA, per the previous migration effort.

If you have any questions regarding this action please contact: fpki dash help at gsa dot gov

IDManagement.gov

An official website of the U.S. General Services Administration

Looking for U.S. government information and services?
Visit USA.gov

This site is a collaboration between GSA and the Federal CIO Council. It is managed by the Identity Assurance and Trusted Access Division in the GSA Office of Government-wide Policy.

Edit this page