Kyrio is the exclusive public key infrastructure (PKI) provider for the Wi-Fi Alliance (WFA) and its members. Kyrio manages the WFA PKI and issues test and production certificates to ensure that WFA devices and systems meet security, encryption, and data integrity standards.
If you are ready to place an order, submit the associated documentation to pkiops@kyrio.com:
If you are looking for more information, let’s walk through the following questions:
What type of certificate(s) do you need?
There are two types of certificates offered for WFA:
- Online Sign–Up (OSU) Server: used to complete registration and credential provisioning for mobile devices.
- Test Bundles: used to test and validate the set-up of WFA authentication including certification of systems by an authorized test lab (ATL).
Is this your first time ordering certificates or are you getting additional certs or replacing an expiring cert?
If this is your first time, you will need to complete a Digital Certificate Subscriber Agreement (DCSA), which details information about your organization that we’ll need to issue you certificates.
If you are getting additional certificates or requesting a replacement for an expiring certificate, you simply need to complete the appropriate naming document. Also, if replacing an expiring certificate, please indicate the expiration date of your current certificate so we can align the dates accordingly.
If it’s been a while since you’ve ordered and your company contacts have changed, you’ll need to submit those updates via the Contact change form.
Have you created your CSR file?
You will need to complete a Certificate Signing Request (CSR) and include it as part of your request. Refer to Naming Document Subject DN section and make sure it matches your CSR exactly, including LLC/Inc., periods, commas, etc. (For example: “MyCo, Inc.”).
Need more details on creating a CSR file? See this handy reference.
How much do certificates cost? How do you want to pay?
- OSU Server Certs: $750 each (2 year expiration)
- Test Bundles: $2,500 each (2 year expiration). 10% discount for ATLs ($2,250 each).
Payment can be completed via a bank transfer or via a credit card. If choosing a bank transfer, please include a purchase order (PO) with your request. For credit cards, Kyrio will send you the total amount to remit through our third-party payment portal (PayPal). Please note there is a service charge associated with paying by credit card. Make sure to let us know if you are an ATL as there is a discount for the WFA Test Bundle for ATLs.
Full payments are required prior to services/certificates being completed.
Where do I get the intermediate and root certificates?
The root and intermediate certificates for WFA can be found on the PKI resources page. Please note, the intermediate certificate needed depends on which CA issued the certificate and the PKI resources page will provide more information.
Ready to go?
Please send the following in an email to pkiops@kyrio.com.
- Your DCSA (if you are a new customer) and/or your Naming documents (if returning customer or you are new and ordering more than one certificate).
- Your CSR file.
- A purchase PO if paying via bank transfer and who to email for payment if paying with a Credit Card
What happens next?
Once you submit the documentation noted above, the Kyrio PKI Operations team will process your request. Once payment has been received, certificates are usually available within 2 business days and posted to our secure delivery portal. You will receive instructions on how to retrieve the certificates at that time.
Do you have any questions?
Contact pkiops@kyrio.com with any questions you might have.
