Exostar's Federated Identity Service (FIS) issues digital certificates for the following levels of assurance in compliance with the CertiPath (the PKI cross-certification bridge) policies:
- Basic Level of Assurance Certificates (BLOA)
- Basic Level of Assurance Certificates (BLOA)-SecureEmail
- Medium Level of Assurance (MLOA) Software Digital Certificates
- Medium Level of Assurance (MLOA) Hardware Digital Certificates
NOTE: If you select the invoice option during purchase, you must complete payment prior to issuance of MLOA certificates.
Please review the steps listed below and expand each section for additional details:
Step 1. Register with Exostar
To obtain an FIS certificate, you must have an Exostar’s Managed Access Gateway (MAG) account. For more information on MAG access and credentials , please see Exostar's Managed Access Gateway (MAG) page.
- Click here to complete organization registration.
Once you register your organization account and user account, an FIS Administrator for your organization must accept the FIS Terms and Conditions in MAG. For more information about FIS Administrator responsibilities, please see the FIS Administration page.
Step 2. Complete Purchase
You must complete a certificate purchase from Exostar's Webstore before proceeding with requesting FIS access. Please see the Purchase BLOA page for instructions on completing Basic Level of Assurance purchases and the Purchase MLOA page for instructions on completing Medium Level of Assurance purchases.
Step 3. Request FIS Access
With FIS now active for your organization, you must request the necessary certificate access for your user account. It is important to note, your organization must be subscribed to FIS MLOA Software or Hardware for users to request these certificates, otherwise, these options do not display during access request. If your organization is not subscribed at the appropriate assurance level, your Organization Administrator must upgrade the account. Please refer to the Upgrade FIS BLOA to FIS MLOA section on the Organization Administrators page for instructions.
To complete the self-registration process:
- Once you successfully login to Exostar's Managed Access Gateway (MAG), from your MAG Dashboard scroll to Applications section and click the Request Application sub-tab.
- Find the Federated Identity Service (FIS) application and click Request Access button.
- Fill out all necessary information under the FIS Certificate Information section.
- Fill out all necessary information under the User Information section.
- Click Next to submit your request.
NOTE: A submission confirmation screen displays and you must wait for your FIS Administrator to approve your request.
Step 4. Complete In-Person Proofing
This step ONLY applies to users who requested Medium Level of Assurance (MLOA) Hardware or Software, otherwise, Basic Level of Assurance (BLOA) users can proceed with certificate download. Please see the In-Person Proofing page for additional information on the proofing process and required documentation.
Please see the steps below as an overview of the proofing process:
- FIS Administrator approves your MLOA request.
- Exostar representative reviews request for purchase information and validation.
- Exostar representative dispatches your proofing request according to your location.
- A Trusted Agent contacts you to schedule your in-person proofing appointment.
- Complete in-person proofing. Trusted Agent provides your 16-digit passcode required for certificate download, and you receive your token in the mail (if MLOA Hardware).
- Exostar representative approves your Proofing Packet.
Important: The Trusted Agent fills out your proofing packet during the in-person proofing appointment, and faxes the packet back to Exostar for review. If any updates are required, Exostar reaches out to the Trusted Agent.
Step 5. Certificate Download
For users that requested Basic Level of Assurance access, once your FIS Application Administrator approves your BLOA certificate request, you can complete certificate download. Please see the Basic Certificate Download page for download instructions.
For users that requested Medium Level of Assurance access, once Exostar approves your proofing packet and FIS request, you can complete the MLOA certificate download process. Please see the Medium Certificate Download page for download instructions.
Step 6. Token Installation
If you were approved for Medium Level Hardware Certificates, you must download your certificates to the physical token Exostar shipped to you. Please see the Medium Certificate Download page for detailed token installation instructions.