Emergency video communications provider Digital Alert Systems has just released an important update of Federal Emergency Management Agency (FEMA) digital certificates used to authenticate messaging from the Integrated Public Alert and Warning System (IPAWS).
The company has released updated IPAWS Certificate Authority (CA) credentials for the One-Net and DASDEC series of Emergency Alert System/Common Alerting Protocol (EAS/CAP) encoder/decoders to replace a certificate in the current certification chain that will expire on Friday (11/8).
One-Net and DASDEC users in the U.S. are advised to replace the soon-to-expire certificate to ensure that devices configured to require message authentication will continue to operate properly.
“DASDEC and One-Net users are urged to take the simple step of updating their certificate files before November 8 to allow continued authentication of IPAWS CAP alert messaging,” said Ed Czarnecki, senior director of strategy and government affairs. “This is another important certificate replacement, with a very short timeline for all EAS users to implement these new digital certificates. We continue to work with FEMA IPAWS to develop methods of automating or streamlining this process for future certificate updates.”
FEMA uses digital certificates called CAs to create a chain of trust between an EAS device and the IPAWS servers. The One-Net and DASDEC EAS/CAP devices use these special digital certificates to validate the authenticity of IPAWS-sourced CAP alerts. These certificates are designed to expire at a specific date and time, requiring the issuing authority to publish new certificates from time to time.
All One-Net and DASDEC customers using the IPAWS system must have the latest digital certificates in place to assure the validity of the communications chain of trust by processing only messages that are authenticated through IPAWS. IPAWS users who fail to update their equipment before Nov. 8 could see the error message: “Event Log: Digital Signature VERIFICATION ERROR: Signer UNTRUSTED! Check for correct CAP decoder CA file.” Alternatively, the device might simply ignore valid IPAWS alerts.
The new field service bulletin and CA file are available now from the Digital Alert Systems website at www.digitalalertsystems.com/DAS_pages/resources_fsb.html. One-Net and DASDEC customers should go to the website, download the field service bulletin for instructions, and link to the new CA file.