DoD CAC Authentication Demo

Secure mTLS authentication using Common Access Cards

Not Authenticated

No valid CAC certificate detected

How It Works

  1. Certificate Upload: DoD Root CA 6 and all intermediate CAs (70-79) are uploaded to Cloudflare as a trusted CA bundle
  2. mTLS Handshake: When you connect, Cloudflare requests a client certificate signed by one of these trusted CAs
  3. Validation: Cloudflare validates the full certificate chain against the uploaded CA bundle
  4. Authentication: If valid, your certificate details are passed to the Worker for processing

Supported Certificate Authorities

DoD Root CA 6
DOD ID CA-70
DOD ID CA-71
DOD ID CA-72
DOD ID CA-73
DOD ID CA-78
DOD ID CA-79