AIS non-federal participants are required to obtain a “Medium Device Assurance level” client certificate/key pair from an approved Federal Bridge Certificate Authority (FBCA). This client certificate is needed for your client to authenticate with the TAXII server during the 2-way TLS/SSL communication.
Below please find a list of DHS-approved vendors that offer FBCA client certificates that are compatible with the CISA AIS TAXII server. Other Certificate Authority vendors not included on the list below are not supported by the AIS TAXII server at this time:
Federal participants may use an approved Federal PKI certificate authority (FPKI) such as a PKI shared service provider (SSP), private sector certification authority or federal agency legacy certificate authority. The complete list of compatible certificate authority providers are not reflected in the list above.
* CISA does not endorse any commercial product or service, including any subjects of analysis. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply their endorsement, recommendation, or favoring by CISA.