LYNDONVILLE, N.Y.—Digital Alert Systems has announced the availability of a necessary update of Federal Emergency Management Agency (FEMA) digital certificates used to authenticate messaging from the Integrated Public Alert and Warning System (IPAWS).
The company has released updated IPAWS Certificate Authority (CA) credentials for the DASDEC and One-Net series of Emergency Alert System/Common Alerting Protocol (EAS/CAP) encoder/decoders to replace the current certification chain that expires on April 14.
The company noted that this is a free update for all U.S. DASDEC and One-Net users. The new certificate is fully functional right now, so customers are advised to replace the existing certificate to ensure the required message authentication continues to operate correctly.
“We teamed with FEMA and have fully tested this new certificate to ensure current and future compatibility, so customers can begin loading it right now,” said Adam Jones, senior sales engineer for Digital Alert Systems. “We appreciate FEMA getting these out so quickly, and our customers will be pleased to know this new certificate is good until March of 2031! No additional software update is required for this new certificate, and, of course, there is no cost to our customers.”
The company noted that this is a free update for all U.S. DASDEC and One-Net users. The new certificate is fully functional right now, so customers are advised to replace the existing certificate to ensure the required message authentication continues to operate correctly.
Digital Alert Systems also reminded all EAS participants that the FCC requires them to “configure their systems to reject all CAP-formatted EAS messages that include an invalid digital signature.”
The new certificates will also be packaged with the forthcoming DASDEC V5.3 release, so customers planning to update to that version can wait and get their certificates then if they wish, as long as they do it before April 14.
FEMA uses digital certificates to create a chain of trust between an EAS device and the IPAWS servers. Publicly trusted certificate authorities issue digital certificates. The DASDEC and One-Net EAS/CAP devices use these digital certificates to validate the authenticity of IPAWS-sourced CAP alerts. In this case, the old CA is changing, requiring the new CA to publish replacement certificates.
All DASDEC and One-Net customers using the IPAWS system must have the latest certificates in place so that the devices only process messages authenticated through IPAWS.
Digital Alert Systems stressed that users not updating their equipment before April 14 could see this error message: “Event Log: Digital Signature VERIFICATION ERROR: Signer UNTRUSTED! Check for correct CAP decoder CA file.” Alternatively, the device might simply ignore valid IPAWS alerts.
The new field service bulletin and CA file are now available from the Digital Alert Systems website at www.digitalalertsystems.com/alerting-authorities-digital-certs. DASDEC and One-Net customers should go to the website, download the field service bulletin for instructions, and link to the new CA file.
Further information about Digital Alert Systems and its products is available at www.digitalalertsystems.com.
