Symantec DOD Interoperability – ECA Certificates

Securely transact with the DoD online

Symantec is certified by the United States Department of Defense (DoD) as a provider of External Certification Authority (ECA) digital certificates for government contractors, state and local governments and employees of foreign governments. ECA certificates enable secure on-line transactions with DoD agencies, digitally signing documents, and encrypting e-mail communications.

End of Life Announcement for Symantec ECA Certificates

Symantec will be discontinuing the availability of its External Certificate Authority (ECA) offering. We have worked out an arrangement with IdenTrust, another ECA vendor, to make it easier for Customers to buy ECA certificates from IdenTrust. Customers can purchase ECA certificates from IdenTrust by following this link IdenTrust has a comparable Trusted Agent offering. Trusted Agents will need to apply and be verified by IdenTrust at

The Symantec ECA offering will be phased out as follows:

August 16, 2016 - End of Sale: Symantec will stop selling the ECA offering. No new ECA certificates will be issued.

August 16, 2016 - End of Renewal: Symantec will stop renewals for all the existing certificates.

August 17, 2017 - End of Life: All certificates will expire or are revoked. Symantec ECA operations will cease.

For more information, please refer to the Symantec ECA End-of-Life and Transition FAQ.

Completing the Certificate Chain

Completing the Certificate Chain

The personal ECA Identity certificate is one of three certificates the DoD will validate against when a user attempts to connect to their site. These three certificates make up a ‘certificate chain’ that must be intact for the ECA certificate to be validated.

The ECA Root and Intermediate Certificates need to be downloaded and installed prior to picking up ECA certificate, before or after enrollment. Please follow the complete instructions to download and install the ECA Root and Intermediate Certificates.

Additional Information

Symantec ECA roots will enable you to read messages encrypted or signed with a certificate issued by the Symantec ECA Root CA.

U.S. Government roots will enable you to read messages encrypted or signed with a certificate issued by the U.S. Government DoD PKI Root CA.

Tools for ECA Certificates

Verification of your ECA Certificates after Installation

How to verify your ECA Certificate installation and a brief tutorial on how to access the DoD websites with your valid ECA Certificate.

How to Export/Backup your Certificates

Symantec recommends that you backup your certificates in case your computer fails. There are situations where you may want to use the certificates on another computer as well, and this page can help you with all situations where you need to move the certificates.

How to use your Certificates with Email Clients

The Symantec ECA Certificates can help protect your correspondence by validating who you are with email recipients and encrypting the contents of your messages allowing those contents to be viewed by only those you approve.

Tools for ECA Certificates

Request the Recovery of a Private Key

In the event that you lose your ECA Encryption Certificate Private Key, Symantec offers the following options to recovery it. It should be noted that there is a fee associated with recovering your key.

Request the Recovery of a Private Key

More about External Certificate Authority (ECA) Certificates


Additional data sheets, white papers, webcasts, videos and more

Learn More

System Requirements

See detailed information about installation, environment and other system requirements

Learn More


Returning Users Revoke