PHINMS Digital Certificate Policy
Digital Certificate Issuance
A Digital Certificate is required for security purposes when using the PHIN Messaging System (PHINMS) to send and receive messages privately and securely. The Digital Certification verifies the identity of the Sender and provides the sender and receiver with the means to encrypt and decrypt a message respectively.
CDC Sponsored Programs
CDC certificates are issued to CDC program users for authenticating the PHINMS Sender in an Organization to the CDC PHINMS Receiver.
Non-CDC Sponsored Programs
Non-CDC sponsored programs should obtain digital certificates from any Certificate Authority (CA) for authenticating the PHINMS Sender to other PHINMS Receivers outside of the CDC. There are many CA vendors which issue Client Certificate and SSL Server Certificates. Vendors include, but not limited to Symantec Verisign, Thawte, Entrust, Equifax, and Geotrust. PHINMS does not recommend one over the other. An existing and self-signed certificate may be used.