(0 Items) Login Register
Skip Navigation LinksProducts > ADSS CA Server > Features

ADSS CA Server - Certificate Server Software Features

Ease of Use

  • Simple to Integrate

    Uses a high level XML/SOAP interface to make it easy to integrate within any business process or online registration system that already provides Know Your Customer (KYC) authorisation services. Custom RA applications can also be provided.

  • Set-up Root or Subordinate CAs

    ADSS CA can be used to set-up a Root CA and Subordinate CAs from the same instance. Alternatively an existing back-end Root CA can be utilised. Online processing of certificate server applications can also be routed to a back-end CA if required, in this case ADSS CA acts as a front-end management proxy.

  • Roaming key generation

    Working in conjunction with Ascertia Go>Sign Applet, ADSS CA can receive secure roaming key containers from the Go>Sign Applet users and certify their public keys.  The secure roaming key containers are then stored centrally in a secure manner and made available to users on any machine when required and once the user has been successfully identified and authenticated.

  • Multiple Certificate Server Software Profiles

    Ability to set-up multiple certificate server software profiles which govern the type of keys and certificate to be generated, their lifetime and other important parameters.
    screenshot 1 | screenshot 2

  • Multiple Certificate Server Software Templates

    Ability to set-up multiple certificate server software templates so that different types of certificates (e.g. email security, document signing, SSL / VPN client certificates, etc.) can be easily generated. ADSS CA comes with 19 different default certificate templates, including for the issuance of certificates to OMA DRM Agents and OMA Rights Issuers.  These certificate templates can be easily edited or new ones added. screenshot

  • Server-side key generation

    This certificate server software supports complete server-side key generation and certification process so that there are no dependencies on browsers. This greatly simplifies the process as managing many different browser types and versions within a PKI solution soon becomes a real burden. Of course client-side key generation can also be optionally provided.

Security & Scalability

  • Proven Technology

    ADSS CA uses the well proven ADSS Server to deliver the underlying platform features such as optional dual controls, secure web-based management screens, secure event logging, trust anchor management, key and certificate management, secure operator logging and reporting as well as support for HSMs. screenshot 1 | screenshot 2 | screenshot 3

  • Maximum Security

    Certification services can be operated over SSL/TLS with client authentication, Operator access is also controlled with client certificates. Keys can be managed inside a secure FIPS approved HSM. Logs are tamper-evident. Dual Control operation is supported. ADSS CA has been tested to meet the requirements of CEN CWA 14167-1.

  • High-Availability

    ADSS CA can be easily implemented as a highly available service to meet demanding service level agreement needs. Multiple servers can work in parallel using standard load-balancing techniques and a resilient secondary site can also be established. Network HSMs, system platforms and database management systems can be used as required to meet availability requirements.

Platform Independence

  • Operating System Independence

    ADSS CA is a standard J2EE application and supported on Windows, Linux (Centos, Suse) and Solaris (X86 and Sparc). Other UNIX flavours can be supported also upon request.

  • Database independence

    ADSS CA Server configurations and transaction logs are stored within a DBMS, however because of our use of Hibernate® technology, it is DBMS independent. We support SQL Server, Oracle, MySQL and PostgreSQL.

  • HSM / Smartcard Independence

    Any PKCS#11 crypto device (i.e. HSM, smartcard or USB token) can work with ADSS server to generate cryptographic keys, store them and utilise them within the secure device.

  • Interoperability

    ADSS CA generates standard certificates, private key files PFX/PKCS#12, and X.509 CRLs.

Popular Keywords:

Digital Signature Solutions  -  Digital Signature Verification  -  Electronic Signature  -  OCSP Responder  -  PDF Digital Signatures  -  PDF Signing -  Timestamp Server Validation Authority  -  XML Signing -  Cloud-base Contract Signing
Copyright © 2002-2011 Ascertia. All rights reserved.

Company | Privacy Statement | Contact Us

Ascertia is a global provider of Digital Signature products and solutions that enable trust within electronic workflows. Organisations can now safely cross the final hurdle in migrating old paper-intensive approval processes to the new secure digital world. Ascertia’s Digital Signing products are designed to be easy to integrate and use in a range of business scenarios.