From the FDA ESG website:
"The Food and Drug Administration (FDA) Electronic Submissions Gateway (ESG) is an Agency-wide solution for accepting electronic regulatory submissions. The FDA ESG enables the secure submission of regulatory information for review.
The FDA ESG is the central transmission point for sending information electronically to the FDA. Within that context, the FDA ESG is a conduit along which submissions travel to reach their final destination. It does not open or review submissions; it automatically routes them to the proper FDA Center or Office."
"FDA forms (e.g., 1571, 356h) and documents require a signature. The FDA's General Counsel (GC) has said that the FDA must be able to determine the origin of a submission in order to implement fully electronic submissions. The PKI (x.509 version 3 class I) Certificate employed by the ESG allows the FDA to determine the origin of the submission through the use of a public/private key exchange."
GlobalSign offers the required X.509 V3 Client Digital Certificate, allowing users to electronically submit data to the FDA.
FDA ESG Checklist
The FDA's Webtrader Account Checklist will help you keep track of your progress and provide additional details on the account setup process.
GlobalSign's PersonalSign products are fully compatible with the FDA ESG.
You must use an e-mail address associated with your business. The e-mail must also contain your name.
You can use the SHA-256 Certificates to make FDA submissions.
Update: The FDA supports SHA-256 for both the ESG and for S/MIME (secure/encrypted email purposes). All customers should use SHA-256 Certificates for FDA related use cases. Please note: GlobalSign will be deprecating SHA-1 PersonalSign (Client Certificates) by December 2017.
The FDA is in the midst of migrating to a new S/MIME proxy which supports SHA-256. Any newly added users are being added to this new system.
The FDA is allowing those customers with unexpired SHA-1 Certificates to continue to use them. The migration is domain by domain, so if one person from an existing domain which is still on the old S/MIME system wants to upgrade to SHA-256, all users set up for S/MIME from their domain would have to be migrated over at the same time to support that. The FDA is working with those who need to be moved over earlier as well, vs. waiting for their migration phase.
Shared accounts Policy
- ESG accounts cannot be shared.
- Each individual must have their own account.
- Each individual is limited to one account.
- There is no limit to the total number of accounts held by a company.
- The registered e-mail address must be for an individual and not a group e-mail.
Frequently Asked Questions
1. How do I set myself up with a Certificate, so I can access the FDA?
When you’ve completed your checklist, you can start the enrollment process using the following steps:
Step 1: Request a WebTrader test account using this link: https://support.globalsign.com/customer/en/portal/articles/1213328-step-1-request-a-webtrader-test-account---fda-esg
Step 2: Order your PersonalSign Certificate: https://support.globalsign.com/customer/en/portal/articles/1214757-step-2-order-client-digital-certificate---fda-esg
Step 3: Download and install your Certificate: https://support.globalsign.com/customer/en/portal/articles/1211525-step-3-download-and-install-the-certificate---fda-esg
Step 4: Export your public key: https://support.globalsign.com/customer/en/portal/articles/1295563-step-4-export-public-key---fda-esg
Step 5: Set up a test account: https://support.globalsign.com/customer/en/portal/articles/1295524-step-5-set-up-a-test-account---fda-esg
Step 6: Complete a test submission: https://support.globalsign.com/customer/en/portal/articles/1213228-step-6-complete-a-test-submission---fda-esg
2. How do I reissue my Certificate?
You can reissue your Certificate through your GCC account using the following guide: https://support.globalsign.com/customer/en/portal/articles/1251626-reissue-certificate---client-digital-certificates
3. How do I renew my Certificate?
For steps on how to renew, simply follow the instructions on this guide: https://support.globalsign.com/customer/en/portal/articles/1397873-update-public-key---fda-esg-renewals-reissues-
4. I’ve renewed/reissued my Certificate, what do I do now?
Step 1: Download and install:
Step2: Export cert into p7b:
Step 3: Email the public key (.p7b) to ESGHelpDesk@fda.hhs.gov, providing the following information:
- Primary account holder's name
- Electronic Submissions Gateway Account name
5. I can’t find my pfx file for my Certificate, where do I find it?
If you no longer have a copy of the original Certificate downloaded on your computer, then you will need to reissue the Certificate to receive in a new .pfx file. Please refer to https://support.globalsign.com/customer/en/portal/articles/1251626-reissue-certificate---client-digital-certificates.
6. I’m encountering an error whilst using my PersonalSign Certificate, what does it mean?
Errors can occur when using your PersonalSign Certificate, for more information about why the error may be happening, please consult: https://support.globalsign.com/customer/en/portal/articles/1211773-common-errors---fda-esg
7. How do I encrypt my email with FDA contacts?
Refer to https://support.globalsign.com/customer/en/portal/articles/1644492-secure-e-mail---fda for a step by step process.