What is Certification Authority Server?
A Certificate Authority Server provides an easy-to-use and effective solution for creating and storing asymmetric key pairs for encrypting or decrypting, as well as for signing or verifying objects that depend on a public key infrastructure (PKI).
The certification authority server generates a root certificate for digitally signing other certificates. Generation of PKI key pairs; and also sign firmware updates, code, and other items that require a digital signature.
CA servers can manage customer certificate enrollment requests and issue and revoke digital certificates. All CA servers are designed to meet identity management requirements. By using the PKI, companies can efficiently protect the identity of their users. This provides users with reliable email signature and encryption, network authentication, and wireless network access.
Although different CA servers have different capabilities, most of them provide some or all of the following capabilities:
Complies with RFC 5280
Allows the creation of root CAs and subordinate CAs
Supports various logical PKIs consisting of certification authorities with their own certificate signing keys
Offers the potential to set up different certificate profiles
Supports various configurable certificate templates, e.g. B. SSL server or client, email signing or encryption, EV SSL, DRM, IPSec, TSA certificates, code signing, etc.
Provides easy server-side and client-side key generation
Supports LDAP / HTTP publishing and X.509 CRL output
CWA 14167-1 certified security management to guarantee qualified CA services
Supports Hardware Security Module (HSM) centered CA private storage and processing
Provides RSA certificate signing
Provides ECDSA certificate signing
Supports various hash algorithms
High reliability, availability and throughput capability
Uses solid access control and user authentication