DoD Seal DISA Seal JITC Seal
JITC PUBLIC KEY INFRASTRUCTURE (PKI)
PUBLIC KEY INFRASTRUCTURE (PKI) HOME
Updated: 9/18/2019 7:59:14 AM
COMMON ACCESS CARD (CAC) ENTERPRISE TESTING OVERVIEW GLOBAL DIRECTORY SERVICES (GDS) OVERVIEW

The GDS JITC Arizona Test Lab core mission is to provide testing support to IA42 Directory Services Branch and its customers as part of DISA GDS Program via a lab that is an exact replica of the Defense Enterprise Computing Centers (DECC) deployed operational GDS system.

The GDS JITC Arizona Test Lab directly supports the GDS with operational configuration management and independent verification and validation testing of deploying GDS system and components.

JITC GDS provides NIPRNET based testing community an enterprise-wide PKI directory service that distributes Certificate Revocation Lists (CRL) and email public key encrypted certificates generated from the JITC PKI Project Management Office (PMO) test Certificate Authority (CA).

PUBLIC KEY-ENABLED (PKE) APPLICATION TESTING OVERVIEW

Applications must be enabled to take advantage of the services a PKI offers. Without enabled applications, the infrastructure holds little value. It is essential that applications become enabled and utilize the infrastructure. However, enabling is a complicated task. Applications must be tested to ensure they are enabled correctly, and are interoperable with the DoD PKI. The DoD PKI PMO established the Joint Interoperability Test Command (JITC) DoD PKE Certification Lab as an independent testing facility to perform interoperability testing on PKE applications. It is DoD policy that enabled applications be tested to ensure interoperability and compatibility with the DoD PKI. The lab supports this policy through the interoperability certification process.

The certification process is based on a master test plan containing all DoD PKE requirements and associated tests. This plan is used as a guideline for testing individual applications. Each PKE application is different and takes advantage of various DoD PKI services; therefore all the DoD PKE requirements may or may not be applicable to every application. JITC works individually with each application to analyze and determine which of the requirements and corresponding tests apply.

PUBLIC KEY INFRASTRUCTURE (PKI) OVERVIEW

The JITC PKI enclave mirrors the configuration of the operational PKI enclaves at the Defense Enterprise Computer Centers (DECCs) in Oklahoma City, OK, and Chambersburg, PA. This allows testing, development, and training to occur in an environment separate from the operational infrastructure yet with the same functionality. All software used by DoD PKI is tested at JITC before being installed at the DECCs. Configuration Management of the JITC PKI enclave is coordinated with the PKI PMO.

Customers of the PKI lab include:

Test certificates start with the Sponsor Agency as indicated at the PKI/PKE Help website https://cyber.mil/pki-pke/help

Once you navigate to the website, click the link "Combatant Command/Service/Agency Registration Authority (RA) Operations Offices" (this list is towards the bottom of the page).

The intent is for the Sponsor Agency of the product/test be the entity issuing the test certificate. This ensures a valid requirement exists for that particular test. The JITC PKI/PKE lab can provide services to users who do not have access to a Service or Agency RA. Questions about each Agency RA process should be directed to that Agency (emails and phone numbers are available on the website)."

Top of Page

DISA / JITC 2021