National

Replace Your Expiring DASDEC IPAWS Certificate

Digital Alert Systems and Monroe Electronics announced the availability of an important update of Federal Emergency Management Agency (FEMA) digital certificates used to authenticate messaging from the IPAWS system. The companies have released updated IPAWS Certificate Authority (CA) credentials for the One-Net™ and DASDEC™ series of Emergency Alert System/Common Alerting Protocol (EAS/CAP) encoder/decoders to replace a certificate in the current certification chain that will expire on Sept. 24. One-Net and DASDEC users in the U.S. are advised to replace the soon-to-expire certificate to assure that devices configured to require message authentication will continue to operate properly. T

“DASDEC and One-Net users are urged to take the simple step of updating their certificate files before Sept. 24 to allow continued authentication of IPAWS CAP alert messaging,” said Ed Czarnecki, senior director of strategy and government affairs for Monroe Electronics and Digital Alert Systems. “This is the second such certificate replacement this year, so we are actively working with FEMA IPAWS to look at methods for automating this update process and hope to have such a process in place before the next certificate update occurs in 2019.”

FEMA uses digital certificates called CAs to create a “chain of trust” between an EAS device and the IPAWS servers. The One-Net and DASDEC EAS/CAP devices use these special digital certificates to validate the authenticity of IPAWS-sourced CAP alerts. These certificates are designed to expire at a specific date and time, requiring the issuing authority to publish new certificates from time to time.

All One-Net and DASDEC customers using the IPAWS system must have the latest digital certificates in place to assure the validity of the communications chain of trust by only processing messages that are authenticated through the IPAWS system. IPAWS users who fail to update their equipment before Sept. 24 could see the error message: “Event Log:Digital Signature VERIFICATION ERROR : Signer UNTRUSTED! Check for correct CAP decoder CA file.;”

The new field service bulletin and CA file are available now from the Digital Alert Systems website at www.digitalalertsystems.com/resources_fsb.html. One-Net and DASDEC customers should go to the website, download the field service bulletin for instructions, and link to the new CA file.