• Automates the deployment of the trust chains required for PACS authentication scenarios during vendor-side pre-testing
• Removes previously applied trust paths to help maintain clean and consistent test environments
• Supports testing scenarios involving PIV, PIV-I, CAC, NIST, and ICAM Test credentials
• Ensures consistent, repeatable trust-path configuration across multiple test cycles
• Helps vendors prepare for APL submission by reducing trust-path misconfiguration issues seen during pre-testing
• Supports Windows Desktop (workstations) and Windows Server environments
• Does not modify PACS configuration outside the trust-store material

Trust-path setup is one of the most error-prone and time-consuming tasks during PACS FRTC pre-submission evaluations. This tool provides repeatability, audit-readiness, and significant time savings for both testing organizations and vendors preparing for submission.

Trust-path setup is one of the most time-consuming and error-prone steps in PACS pre-submission evaluations. Incorrect certificate chains, missing intermediates, or stale trust material are common causes of:

• Authentication failures
• Unexpected revocation-handling errors

All executables, PowerShell scripts, and installers are digitally signed using SynchroCyber’s Sectigo Code Signing Certificate.

Code Signing Certificate Trust Chain:

Or it may be downloaded from Sectigo:
https://www.sectigo.com/knowledge-base/detail/Access-New-Sectigo-Certificate-Chain/kA0Uj0000005KHRKA2

Root Certificate Store

Sectigo AAA

Intermediate Certificate Store

Sectigo Public Code Signing Root R4

Sectigo Public Code Signing CA R36

Root Store:

AAA_Certificate_Services_Root.cer

Intermediate Store:

AAA_To_R46_Intermediate.cer

R46_to_R36_Intermediate.cer

The SynchroCyber FRTC Trust Path Automation Tool was developed by James Burke, an ICAM engineer with extensive experience supporting federal identity, credential, and access management programs. James specializes in smartcard authentication, PKI trust-path engineering, and FIPS 201–aligned PACS testing.

His work spans PIV, PIV-I, CAC, certificate validation, authentication mode behavior, and identity lifecycle integrations, including USAccess and SIP automation. James has supported federal ICAM modernization efforts, Zero Trust initiatives, and PACS engineering across multiple agencies and environments.

The tool was created to help vendors and engineering teams accelerate testing, reduce misconfigurations, and improve trust-path reliability — developed independently of any official GSA evaluation activities and fully compliant with conflict-of-interest and nondisclosure requirements.

Registered as a Certified Systems Engineer ICAM PACS (CSEIP) with Secure Technology Alliance. View our Certified Systems Engineer ICAM PACS (CSEIP) Certificate.