The Exostar SHA-1 PKI is no longer an approved external PKI as of 01 August 2014. Exostar SHA-1 CAs have been removed from the DoD Approved External PKI Master Document and certificate trust chains file that are posted on IASE. Per DoD CIO, DoD relying parties may no longer accept Exostar SHA-1 certificates and should remove Exostar SHA-1 CA certificates from certificate trust stores. Certificates issued by the Exostar SHA-256 PKI are valid and may be accepted by DoD Relying Parties – Aug 01, 2014.