The US Department of Treasury is initiating a renewal of the public certificate securing the www.treasury.gov website, including OFAC’s sanctions lists downloads. This announcement is especially important for users that utilize command line interfaces to download OFAC’s sanctions list data. The existing certificate (expiring June 6, 2019) will be replaced on May 16, 2019 at 9PM. This process will take roughly 3-6 hours for the replacement certificate to be distributed worldwide.
If your application pins or otherwise trusts the serial number of the existing certificate as part your application functionality, you may need to update your configuration to trust the renewed certificate. The renewed public certificate, effective May 16, 2019 at 9PM, can be downloaded via the following URL, https://s3.amazonaws.com/www.treasury.gov-2019-certificate/www.treasury.gov-2019-2020-Renewed-Certificate.zip. To prevent loss in functionality, please ensure that your applications trust this certificate by the May 16th replacement date.
After the renewed certificate is deployed on May 16, you may view the renewed certificate publically via the following instructions, https://s3.amazonaws.com/www.treasury.gov-2019-certificate/Instructions+to+Obtain+Latest+Treasury.gov+Certificate_v2.pdf.
Please contact OFAC technical support at 1-800-540-6322 Option #8 or O_F_A_C@treasury.gov with any questions that you may have about this change.